One of the most notorious ATM scams in Japan started at a posh golf club in the green hills of Gunma prefecture. In 2004 a ring of thieves that included a club employee installed tiny cameras in the club’s locker room to record members typing in their four-digit locker codes. Then, while the golfers were out on the links, the thieves opened the lockers and used skimming devices to copy data off the magnetic stripes on club members’ bank cards.
The crooks transferred the data onto the mag stripes of blank cards. Then they started testing those cards in ATMs, checking to see how many of the golfers had used the same four-digit number for both their locker codes and their bank personal identification numbers (PINs). The answer: plenty. By the time the police arrested seven members of the gang in January 2005, the crooks had stolen more than 300 million yen (nearly US $4 million) from more than 300 victims.
In an orderly society like Japan, the busting of an ATM-theft ring was big news. And the 2005 golf-club case was one of 801 instances of ATM crime that year—an astounding jump from just 90 in 2003. Shocked by such a rise, the Japanese government demanded that banks find ways to combat ATM fraud and ordered them to compensate victims from their own coffers. The banks turned to the country’s high-tech firms for help, and both Hitachi and Fujitsu came forward. The answer, they said, was already in their hands.
Put one of your hands in front of a bright light and you’ll see a web of blue veins snaking up across your palm and into your fingers. That delicate lattice of branching blood vessels is unique to you, just like the striations in your irises or the swirls of skin on your fingertips. Hitachi and Fujitsu have been working for years to commercialize technologies that identify people by their vein configurations.
Now, thanks to their biometric systems, about 80 000 ATMs in Japan are as close to being theft proof as it’s currently possible to make them. They’ve worked so well that the technology is now rolling out worldwide: Major banks in Brazil, Poland, and Turkey have recently integrated Hitachi and Fujitsu’s vein scanners into their ATMs, with more to come. In Europe, ATM theft from skimming and other fraud added up to €23 million in the second half of 2010, according to the European ATM Security Team. In the United States, where the simple and relatively insecure mag-stripe card still predominates, ATM fraud and theft is generally assumed to be a far larger problem. Exact figures for global losses are impossible to come by, but Robert Siciliano, an identity theft and fraud expert with the security company McAfee, says that at least $1 billion is lost every year.
Nigerian Scammers Target The Stupid
Nigerian scam letters include carefully designed flaws, complete with misspellings and pidgin English, in order to weed out the intelligent and leave only the most vulnerable targets, new research says. Offers of millions of dollars from a Nigerian prince are intentionally unbelievable in a scam technique perfected to target the vulnerable, gullible and elderly, according to the study.
A research paper by Microsoft's Machine Learning Department, entitled 'Why do Nigerian scammers say they are from Nigeria?', has found the formula is a cost effective way at "reducing the false positives". "Far-fetched tales of West African riches strike as comical... (but) our analysis suggests that is an advantage to the attacker, not a disadvantage," wrote principal researcher Cormac Hurley.
"Since his attack has a low density of victims, the Nigerian scammer has an overriding need to reduce the false positives. "By sending an email that repels all but the most gullible, the scammer gets the most promising marks to self-select, and tilts the true to false positive ration in his favour."
The advance fee frauds, also known as 'Nigerian scams', or '419 scams' after a section in Nigeria's criminal code, are fake internet letters sent out to millions of addresses at a time. Researchers found the more outrageous the story, the more likely it would suck in a victim. "A less outlandish wording that did not mention Nigeria would almost certainly gather more total responses and more viable responses, but would yield lower overall profit," Mr Hurley said. Last year, a Nigerian man was jailed for 12 years after scamming US$1.3 million.
And internet safety group Netsafe says that New Zealanders are still falling for the scams, and the monetary losses have a "huge impact" on individuals and families. "So next time you open a scam email and think to yourself: 'Why bother?' live happy in the knowledge you're not the target market," Mr Hurley concluded.
But Netsafe wasn't convinced that the scams specifically targeted the vulnerable or gullible. It says it takes only a person to receive an email after suffering a bad business deal, or being in the wrong frame of mind, to ignore common sense and "take a risk and reply." Netsafe chief technology officer Sean Lyons said: "The scammers do not set out to hit Joe Bloggs. It's organised crime, with large call centres and well developed processes to extract money from people. Sometimes it works, sometimes it doesn't. They know it's a numbers game.
"For some people it's the right time and place, the right pay-off, and they're willing to take a risk, often thinking they're smarter than the people at the other end."Nobody approaches you with a get-rich-quick scheme by email when they don't know you from a bar of soap."
Scamferences
ORGANISERS of "scamferences" don't just want to make money from innocent academics who book rooms at non-existent hotels. Guy Cox writes that sometimes the aim seems to be a bit more sinister: "I signed up for one in Florida, which promised that my air fare and hotel would be paid, and my visa would be arranged. So the form asked for full details of my passport."
This would of course be prime identity-theft material, and it reminds us that the proposal from our hypothetical academic "Jo De Selby of Dalkey University, Argentina" to present a paper entitled "Hermeneutics of innovation in the panopticon" was eagerly accepted by the organisers of the "Climate Change Volunteer Conference 2012" (18 August). We wrote to the host venue, the "Royal Eco Hotel" - whose location in the real world is a shoe shop not far from London's Berkeley Square - asking about a reservation.
The response, headed "Royal Eco Hotel", offered a "Classic Room" for £99 per night - for central London, a bargain! It said the hotel only accepts cash or payment through wire transfer services such as Western Union or MoneyGram, and asked us to "forward a scan copy" of a transfer slip itemising the fee.
We asked around among acquaintances who do such money transfers, and they reckon that, armed with such a copy, a scammer could attempt to collect the money anywhere in the world - especially at a money office staffed by a covert co-conspirator.
So we wrote back politely asking instead for the hotel's International Bank Account Number, so we could make an online payment in the now-usual way. We were utterly unsurprised to receive no response.
We were, however, subsequently startled to receive an email the day after the conference would have finished, had it existed, saying we were "entitled to the sum of £5500" in refund of our expenses and inviting us to send scans showing all the payments we had made.
We began to feel the loopiness of these scammers was getting boring and decided it was time to hand the evidence to the professionals.
Normal channels at the Metropolitan Police could only open an investigation if we had actually lost money. So we have asked the Met's press office to forward it to an interested officer. We await a response
Trust
I would never hitchhike, but I’ve slept on a stranger’s couch.
I was travelling through Italy and liked the look of the pictures they had posted on a couch-surfing website. It turned out to be a great time—they fed me home-cooked meals, introduced me to their friends, and showed me a part of Rome that I never would have seen otherwise. But for the whole weekend, I also couldn’t shake the thought that the risk I took could have gone horribly wrong.
My generation grew up with the Internet, spending formative years connecting with others online—first friends, then, increasingly, strangers. We’ve gotten used to sharing intimate details of our lives alongside our real names and photos. We seek friends, professional contacts, and dates in the same way we look for restaurants or concert tickets. A few years ago, our parents might have been worried that this fluency in digital communication would leave us somehow stunted, hiding behind the veil of an online persona. But the opposite appears to be true—millennials are only too eager to share their lives with people they don’t even know. Have we become too naive for our own good?
The red flags seem to pop up increasingly often. In January, Notre Dame linebacker Manti Te’o was humiliated for having a very public e-relationship with a very imaginary e-woman. Apparently, there are enough people consorting with potential frauds online that the 2010 film Catfish, in which 20-something New Yorker Nev Schulman discovers that his “girlfriend” is really just one of several characters created and played by a middle-aged mother of four in Michigan, has spawned a spinoff series on MTV. One would think the story of University of North Carolina physics professor Paul Frampton, whose relationship with an Internet fraud landed him in an Argentine jail (and in The New York Times Magazine), would serve as a warning as well.
When did we let our guard down? How did we evolve from the days of AOL, with its inscrutable user names and anonymous chat rooms, to sharing our age, sex, location, and damn near everything else about ourselves—and a geo-location tag to boot—with perfect strangers?
“Human beings operate in a very strange way,” says Catalina Toma, a University of Wisconsin professor who studies how the way we communicate is affected by new media technologies. More than we realize, she says, we use nonverbal cues such as facial expressions to determine whether someone can be trusted. (Of course, even judgments based on in-person interactions can be faulty; Neville Chamberlain famously came away from his first meeting with Adolf Hitler with “the impression that that here is a man who could be relied upon when he had given his word.”) Online, though, things are trickier. Nonverbal cues are removed, so we need to rely on other indicators. Toma says humans don’t manage this process very adroitly. “When you have little information about someone, we tend to fill in the blanks,” she says—more often than not in an unrealistic manner. “Filling in the blanks leads you to like someone without knowing much about them, which leads to an intensification of emotions,” says Toma. This explains, in part, why relationships can blossom online at a more accelerated pace than they would in person.
Smartphone apps like Grindr have been able to parlay that acceleration of trust (and, dare we say, desire) into a big business. The app, which caters to gay men looking for hookups, uses GPS to pinpoint its users’ locations in relation to one another—like the Yelp app that helps you find a coffee shop, except the coffee shop is sex. In 2009 when Grindr debuted, it was revolutionary. Four years later, location-based apps are seemingly everywhere. People check into restaurants on Foursquare and tag the exact location where their Instagram photos were taken. Straight people even got on the Grindr bandwagon with its sister product, Blendr. Tinder, a dating app that lets users see one another’s location as well as mutual Facebook friends, has recently taken off as well.
Just more pieces of information we’ve put out for others to see. “This decade, it’s all about sharing your location, where you are and what you are doing,” says Joel Simkhai, a co-founder of Grindr. Over the past 10 years or so, Simkhai estimates, young people have “become more comfortable having an online identity, posting pictures of ourselves with our real names—not a strange AOL handle, but a real identity. And we are very comfortable sharing parts of our real identity with strangers.”
Simkhai is right, and he nods to an important evolution of online behavior. Believe it or not, social media dates back to at least 1980, when sites like the “geek paradise” Usenet sprouted in order to link like-minded people with common interests—folks who would likely be connected in real life, too. In the early 1990s, America Online made the Internet available for a much wider group of people, who aside from email mainly connected through chat rooms—but with the larger user base came more anonymity. Remember your username? It rarely matched your full name, as your Facebook profile does now.
You could think of 1995’s Classmates.com, which asked for your full name and alma mater as the building block of your profile, as an early version of the way adults use social media now. By the early 2000s, sites like Friendster, MySpace, and especially Facebook cemented the idea of merging our real-life identities with our Internet identities. Facebook initially required its users to have a university email address in order to sign up and rejected fake names, all in an effort to help you connect with your “network”—the people on your campus, at your job, or in your family.
Over the past few years, the objective of social media has shifted again: from keeping in touch with to meeting new people. Sites like Craiglist, Grindr, and Couchsurfing exist to connect you with perfect strangers. Facebook’s new graph search is an explicit effort to help you expand your network beyond those people you may already know. (Couchsurfing, which I used in Rome, has several safety features in place, including a system in which users can vouch for the trustworthiness of apartments they’ve stayed at.)
To be sure, many social-media users have an acute sense of skepticism. According to a study published in 2007 by Toma and others, for example, the majority of people who use online dating sites assume that other participants are misrepresenting themselves in their profiles. But emotional reactions spawned by the “fill in the blanks” theory can often outmaneuver that sense of doubt.
“When people are emotionally invested, they tend not to process in a cool or rational way anymore. They are inclined to disregard potentially suspicious information,” explains Toma. “People scan the environment for clues that confirm what they already believe” as opposed to the other way around. Now it’s not so hard to see how Te’o and Frampton could be so easily fooled.
The sheer magnitude of our online environment contributes, too. A study released in January by Ipsos Open Thinking Exchange, a culture and technology research center, found that the average social-media user under the age of 35 spends 4.2 hours every day engaging with people online. Being connected to so many people “generate[s] this sense that you’re not alone, which can really mess with your perception of risk,” Kathleen Cumisky, a professor of psychology, gender, and sexuality at the College of Staten Island, told The New York Times in a story about Sarai Sierra, the 33-year-old Staten Island woman who was found dead in Turkey earlier this year. It “lulls you into this sense of security because it is a world of your own creation.”
Last week, a homeless Turkish man allegedly confessed to killing Sarai, but in the months since she first went missing, news coverage of the investigation of her death emphasized her involvement in social media. An amateur photographer and mother of three, Sierra had about 3,000 followers on Instagram, many of whom she kept in touch with despite never having met in person. She’d gone ahead with the trip alone—her first out of the country—after her travel companion backed out, arranging her travel accommodations through AirBnB, an Internet-based marketplace for apartment sharing. Upon arriving in Turkey, it’s been reported that Sierra met up with at least two men she’d gotten to know through a photo-centric social networking site, and another with whom she stayed in Amsterdam. It’s apparent now that none of the people Sierra connected with online before meeting abroad were responsible for her death. Still, the focus on Sierra’s social-media use—which was really not excessive or out of the norm for someone her age—in the wake of her disappearance inspired a visceral reaction of fear that perhaps our online connections have made us a bit too trusting.
By sharing our personal information online, we’re taking a risk—the risk of exposing our own vulnerabilities, getting burned, or worse. At the same time, these new mediums are expanding our social circles, widening our worldview, allowing for new friendships, relationships, and collaborations across cultures that might never have been possible before. We can’t just dump them, can we?
J. Keith Murnighan, a professor at Northwestern’s Kellogg School of Management, has studied why we trust strangers. He says we should never cast aside caution, but says our implicit trust in strangers leads to good things more often than not. “Positive experiences with strangers facilitated by the Internet are making us realize more than ever that people actually are trustworthy,” Murnighan says. He bets that most Couchsurfers report positive experiences, even if he wouldn’t want his daughters to do it. “Then again, my mother didn’t want me to hitchhike and I did,” he said.
My mother probably wouldn’t, either. Four years ago, a derailed trip to London left me and a friend stranded in Málaga, a small beach town on the southern coast of Spain. Short on cash and without a place to crash, the two of us - each small, 21-year-old American women with mediocre Spanish skills - decided to stay up all night until the next train came to take us back to Sevilla, where we were living. Wandering around the city’s sleepy, unfamiliar streets, we came upon a group of young, nice-looking men and asked them where we should go. They excitedly guided us to a bar, then to a club, then on a drunken tour of Málaga that ended at one of their apartments. We ate sandwiches and drank coffee while the sun rose. Then one of the men accompanied us to the train station to help us change our train tickets, stopping to buy us breakfast on the way. My friend and I often tell this story, reflecting fondly on the kindness of strangers, knowing in the back of our minds that we were lucky to come away from the adventure with an entertaining travel tale instead of ending up with our smiling faces broadcast on the 5 o’clock news like Natalee Holloway. Or Sarai Sierra.
A Warning For Men
Women often receive warnings about protecting themselves at the mall and in dark parking lots, etc. This is the first warning I have seen for men. I wanted to pass it on in case you haven't heard about it. This will only become more commonplace as the weather warms.
A 'heads up' for those men who may be regular Lowe's, Home Depot, or Costco customers. This one caught me by surprise.
Over the last month I became a victim of a clever scam while out shopping. Simply going out to get supplies has turned out to be quite traumatic. Don't be naive enough to think it couldn't happen to you or your friends.
Here's how the scam works: Two seriously good-looking 20-something girls come over to your car as you are packing your shopping into the trunk. They both start wiping your windshield with a rag and Windex, with their breasts almost falling out of their skimpy T-shirts. It is impossible not to look. When you thank them and offer them a tip, they say 'No' and instead ask you for a ride to McDonalds..
You agree and they get into the back seat. On the way, they start undressing. Then one of them climbs over into the front seat and starts crawling all over you, while the other one steals your wallet. I had my wallet stolen September 4th, 9th, 10th, twice on the 15th, 17th, 20th, 24th, & 29th. Also October 1st & 4th, twice on the 8th, 16th, 23rd, 26th & 28th, three times last Monday and very likely again this upcoming weekend.
So tell your friends to be careful. What a horrible way to take advantage of older men. Warn your friends to be vigilant.
Wal-Mart has wallets on sale for $2.99 each. I found cheaper ones for $1.99 at K- Mart and bought them out. Also, you never will get to eat at McDonalds. I've already lost 11 pounds just running back and forth to Lowe's, Home Depot, and Costco.
Fake Wine
It is one of the world’s finest, rarest and most expensive wines, but connoisseurs appear to have been duped into spending up to £7,000 a bottle on fake Romanée-Conti for years, it emerged yesterday.
An Italian father and son were behind the audacious counterfeiting operation, using wax to make labels appear older and pocketing more than £1.8 million by selling about 400 fake bottles of the famous Burgundy in Britain and across Europe. The scam was exposed after a year-long investigation. The pair were arrested in Italy as police raided 20 homes and warehouses in five other countries — France, Britain, Germany, the Netherlands and Cyprus. France has requested their extradition and five other suspects have been arrested.
Marie-Christine Tarrare, a prosecutor in Dijon, central France, who helped to co-ordinate the investigation, said that police were still searching for other suspects. The fake bottles were “near perfect copies of the originals”, she said. “At the moment it’s impossible to tell exactly how many counterfeit bottles have been put on the market.”
The Domaine de la Romanée-Conti estate in the Côte d’Or region of Burgundy alerted French police to the appearance of fake bottles last year.
Only about 6,000 bottles of Romanée-Conti are produced each year on a vineyard that covers just 4.4 acres. It is usually sold through exclusive networks and has often been targeted by fraudsters.
An American collector paid €87,000 (£74,000) for a bottle of the 1945 vintage at a Christie’s auction in Geneva in 2011. It is rare because a freezing spring that year yielded only a fraction of the usual harvest.
Laurent Ponsot, a Burgundy winemaker, said: “Only two casks of the 1945 vintage were produced, which is equivalent to 600 bottles, but over the past 25 years, more than five times that number have been discovered. To connoisseurs, this vintage is like the holy grail.”
The number of counterfeit bottles has risen in recent years as demand for expensive wine has soared, especially in China and Russia, where they are often coveted as a status symbol rather than for their taste.
Many upmarket restaurants, hotels and wine collectors smash empty bottles to prevent them being used by counterfeiters, and producers of the finest wines have started tagging bottles to protect their brands.
Clive Coates, a wine critic, has praised Romanée-Conti as “the purest, more aristocratic and most intense example of Pinot Noir you could possibly imagine”.
Roald Dahl, the author, wrote of it in more ecstatic, if less refined terms, saying it was “equivalent to experiencing an orgasm at once in the mouth and in the nose”.
Cancer Cures and Conspiracy Theories
Have you heard that eating whole lemons prevents cancer? Or that bathing in Himalayan salt rids the body of harmful toxins? That eating hijiki seaweed can delay hair graying? If you have a few Facebook friends, you’ve probably encountered some of these claims. The website Natural News — which seems like a parody but is unfortunately quite serious - published these preposterous stories, and many others just as silly, last week alone.
Hokum like this is best ignored, but hundreds of thousands of Americans fail to do so. Natural News has achieved astonishing traction on social media, garnering Facebook shares in the high five and low six figures. These numbers should trouble you - Natural News has an uncanny ability to move unsophisticated readers from harmless dietary balderdash to medical quackery to anti-government zealotry.
Let’s start by deconstructing the claim that eating whole lemons staves off cancer. The author cites two medical journal articles. She badly mischaracterizes the first, published in the Journal of Agricultural and Food Chemistry in 1999. The study described the isolation of three compounds, known as coumarins, from lemon peel. Coumarins exhibit tumor-suppressing properties in a laboratory dish, but that does not mean that eating lemon peel prevents cancer. Even if the oral ingestion of coumarins were convincingly shown to fight cancer in a laboratory animal, we still wouldn’t know how much lemon peel would be required for a human to experience the same effects or whether you could tolerate the dose.
We’ll never be rid of tripe like this, but it’s important not to confuse hopeful superstitions with science.
The second study the author cites is an enormous overreach. No one enjoys biostatistics, but bear with me and you’ll be better prepared to identify weak studies in the future. The study, published in the journal Nutrition and Cancer in 2000, purported to show a correlation between consumption of lemon peel and diminished cancer risk. The authors surveyed 242 skin cancer survivors and 228 controls about their citrus consumption habits, but the questionnaire wasn’t externally validated and has some screwy definitions. (Eating citrus peel “often,” for example, is defined as “50-75 percent of the time.” What does that mean?) The authors did not adequately control for race or skin tone, which is an important variable in skin cancer studies. The sample size was much too small. Only 163 of the 470 study participants reported eating citrus peel, and just 28 of them admitted to eating citrus peel often. That’s not enough to prove that eating lemon peel prevents skin cancer. In addition, the statistical correlation is very weak, close to undetectable. Had one more person with cancer reported eating citrus peel, the relationship would likely have disappeared. In fairness, the study authors acknowledged the small sample size and the need for more substantial follow-ups, but everyone knows how these correlational studies are reported in the media. This is why you should look for patterns in scientific literature rather than relying on individual studies.
Anytime someone tells you that eating something prevents cancer, your BS detector should start a-clanging. Natural News is full of these beauties. In addition to whole lemons, the site pushes organic green shakes, cilantro, blueberries, and spirulina as surefire cancer fighters. Whisper it, though, because Natural News has exclusive information suggesting that the government will silence anyone who pushes natural cancer cures.
We’ll never be rid of tripe like this—shortcuts to immortality are irresistible—but it’s important not to confuse hopeful superstitions with science. If you loosen your grip on the anchor of evidence-based medicine, you’ll find yourself drifting dangerously toward conspiracy theory.
You probably know what’s coming next—vaccines and autism, of course. Natural News loves to prey on vulnerable parents, and it’s jumped all over questionable preliminary studies linking autism with everything from gluten to air pollution to antidepressants to the “Western lifestyle.” But the site’s drumbeat of support for the thoroughly debunked claim that vaccines cause autism is particularly shameful.
In case you’ve managed to miss this “controversy” (where have you been and congratulations, by the way), a 1998 paper in the influential medical journal The Lancet claimed that the vaccine for measles, mumps, and rubella caused autism. Sixteen years and many preventable measles outbreaks later, we know for certain that the claim is wrong. Literally hundreds of thousands of children have participated in studies around the world showing no association between vaccines and autism. A 2011 Institute of Medicine review of thousands of different studies reached the same conclusion. The Lancet has withdrawn the original paper and Andrew Wakefield, its author, lost his medical license, in part because he failed to disclose that lawyers preparing to sue vaccine manufacturers helped fund his research.
None of this has deterred a small number of evidence-averse anti-vaccine campaigners, who think there is an international, inter-governmental conspiracy including thousands of doctors working for Big Vaccine. Natural News is, of course, bouncing along giddily on the bandwagon. In September, for example, the site published a story claiming that the government has “once again conceded” that the MMR vaccine causes autism. Here’s what actually happened. In the 1980s, the federal government set up a fund for people who may have been harmed by vaccines. Although such injuries are extremely rare, vaccines are administered so broadly that tort claims could clog up the courts and deter drug manufacturers and doctors from providing vaccines.
The fund does not compensate parents who believe their children developed autism as a direct result of receiving a vaccination—the fund’s administrators rejected that link in a series of test cases. However, some researchers believe that certain vaccines may in rare cases prompt an adverse reaction and cause encephalopathy, at a rate of about one case in 310,000 vaccine recipients. As a result, the fund pays children who were diagnosed with encephalopathy shortly after receiving a vaccine, whether or not they can prove causation. In some cases, children with encephalopathy are later diagnosed with autism. However, just as researchers have been unable to prove a causal link between vaccines and autism, they have been unable to produce convincing evidence that encephalopathy causes autism.
Evidence be damned, though. When the vaccine injury fund compensates an encephalopathy victim—whether or not autism is involved—sites like Natural News describe it as a government admission that vaccines cause autism. It’s nothing of the sort, but this unique brand of yellow journalism has earned the site 75,000 Facebook shares and counting. That’s the only hard data Natural News cares about.
The obvious next move is anti-government propaganda. An August headline claimed, “People Who Grow Their Own Food Labeled 'Extremist' by Dept. of Defense” (more than 33,000 Facebook shares). That’s not even close to true. In fact, a Department of Defense training manual on extremism stated, “Nowadays, instead of dressing in sheets or publicly espousing hate messages, many extremists will talk of individual liberties, states’ rights, and how to make the world a better place.” Both the conservative site Judicial Watch, which obtained the manual, and Natural News equate this to claiming that everyone who supports individual liberties is an extremist. If you’ve managed to read this far—or, if you’re able to read at all—I don’t have to explain to you why that interpretation misrepresents the Pentagon’s views. In addition, after reading through the entire DOD manual, I can’t find any comments whatsoever about people who grow their own food. (Natural News did not respond to requests for comment.)
When one of your Facebook friends posts a link to a story about spirulina boosting brain function or how to cure pneumonia with vitamin C, I beg you to respond. A simple “bogus” will help halt their descent into insanity induced by Natural News. (That’s a causal link you can believe in.)
Vintage Wine Fraud
Rudy Kurniawan, a onetime darling of the fine wine scene who became famous for buying and selling bottles from some of the world’s great vintages, was sentenced Thursday to 10 years in prison for duping collectors with grape-colored concoctions created in his Los Angeles-area home.
Kurniawan, 37, stood quietly in federal court in Manhattan, his head slightly bowed, as Judge Richard Berman rejected a defense request that Kurniawan be sentenced to time already served. Kurniawan has been in prison since his arrest in March 2012 following a raid on his Arcadia home that turned up thousands of empty bottles, corks, fake labels, sealing wax and other evidence of a wine-counterfeiting operation.
The lengthy sentencing hearing, which lasted about three hours, was as much a discussion of how much time Kurniawan should serve as a debate over whether his victims' extraordinary wealth diminished the gravity of the crime.
"Nobody died. Nobody lost their savings. Nobody lost their job," defense attorney Jerome Mooney said, describing wine collecting as "more of a hobby" enjoyed by the 1%. Comparing Kurniawan's fraud to other economic crimes, Mooney said: "The money that was lost in those cases was money that was dearly needed ... this case is entirely different."
Prosecutor Stanley Okula called Mooney's argument "quite shocking."
"Fraud is fraud," Okula said, describing Kurniawan as "the kingpin of counterfeiters."
"He did it to line his own pockets," said Okula, who had asked for up to 135 months in prison.
A jury convicted Kurniawan last December of two counts of fraud related to the sale of wines to individuals, auctioneers and other wine dealers, many of which were alleged to have been fakes put in bottles and passed off as the real thing.
The case landed in New York because one of the fraud charges against Kurniawan specifically referred to a loan he was accused of obtaining under false pretenses from a New York-based financing company.
In addition to the prison time, Kurniawan was ordered to forfeit $20 million and to pay $28.4 million to victims.
Those duped into buying fake wines included billionaire William Koch. Koch filed a lawsuit against Kurniawan in California in 2009 alleging he had spent more than $2 million on wines consigned by Kurniawan that he believed to be fake. Koch and Kurniawan settled that lawsuit last month.
Mooney made a lengthy appeal for lenience, portraying his client as a deeply insecure man who loved good wine and yearned to be accepted into the world of the rich collectors who buy it, sell it and drink it at lavish dinner parties.
"He wanted to be a part of it," Mooney said of Kurniawan, who burst onto the Los Angeles wine scene in his early 20s after getting his first taste of a great wine.
Using family wealth, Kurniawan began buying up wine, offering it for auction, and bringing bottles worth thousands of dollars each to dinners to share with other collectors.
The more Kurniawan provided, the more his fans wanted, said Mooney. "He began faking it to meet the demand," Mooney said, insisting he was not motivated by greed but by a desire to please his circle of friends.
Kurniawan, an Indonesian who entered the United States when he was 16 on a student visa, has been in the country illegally for more than 10 years after being denied political asylum. He faces deportation when he is released from prison.
Facebook Fake News Panics
There’s a scary story bouncing around Facebook, accruing hundreds of thousands of likes: the small town of Purdon, Texas, has been quarantined after a family of five was diagnosed with Ebola. The story is a total hoax, put out by a deeply cynical site called the National Report. But to the 340,000 people who saw it pop up in their news feed, it looked real enough to share.
"We’ve seen stories on satire sites — fake news sites — getting tremendous traction because they feed on people’s fears," says Craig Silverman, the founder of Emergent.Info. "It’s really becoming an epidemic now." Silverman launched Emergent with Columbia’s Tow Center for Digital Journalism last month to track the spread of rumors online in real time. Many of the stories he’s seen have been organic rumors, things like the pumpkin spice condom or the 50-foot crab that begin life as jokes, get taken out of context, are written up in news stories, and take off on Facebook before anyone bothers to verify them. But he’s finding that a surprising number, especially when it comes to Ebola, are deliberate attempts to deceive. "I've had people emailing me about the Purdon story, very scared, asking if it was true," says Silverman.
These sites claim to be satirical but lack even incompetent attempts at anything resembling humor. They’re really fake news sites, posting scary stories and capitalizing on the decontextualization of Facebook’s news feed to trick people into sharing them widely. On Facebook, where stories look pretty much the same no matter what publication they’re coming from, and where news feeds are already full of panicked school closures, infected ISIS bogeymen, and DIY hazmat suits, the stories can fool inattentive readers into thinking they’re real. Panicked, they share, spreading the rumor farther and sending more readers to the story, generating ad revenue for the site.
It’s proving to be a very successful strategy, particularly for a site called the National Report, which saw its traffic spike to 2 million unique visitors yesterday according to Quantcast. Very few are repeat visitors, meaning they’re just seeing the link on Facebook and clicking.
The tendency for bad satire to take off on Facebook is well-documented. I’m not talking about The Onion, which is absurd and funny enough that most people paying attention can’t mistake it for real news, and well-enough known that anyone who does will be quickly mocked. The problem is more with sites like The Daily Currant, whose brand of just-barely-unbelievable stories are political share-bait and have suckered more than a few actual publications into aggregating its stories as news. The Awl’s John Herrman calls it the Borowitz Problem, after The New Yorker humor columnist whose pandering fake news often gets shared far out of proportion — I hope — to the people who actually find it funny. "When you publish a fake headline that sounds almost real, place it on top of satire that's soft enough to skim without really reading, give it a newyorker.com URL, and promote it on Facebook, where basically every headline sounds like satire now, you know what you're really doing," Herrman writes.
The new sites like National Report take this phenomenon and push it to its amoral conclusion. If satire mistaken for news can get shared more on Facebook than real news, and you're totally unscrupulous about how you get your clicks, why not drop the satire pretense and just write fake news? "What we’ve seen emerge over the last year is a much more malicious breed," says Silverman, "which are not driven by trying to do comedy or satire, but by what kind of fake stuff can we spin up to get shares that earn us money."
The National Report appears to have begun as an inept satire site a little over a year ago. Notable past stories include the news that residents of Hanna, Oklahoma, were going to be implanted with RFID chips as part of an Obamacare pilot program, which freaked people out sufficiently to warrant a debunking in the Caspar Star Tribune — "Satirical article creates stir in Wyoming town" — in which the Report’s publisher, Allen Montgomery, mocks anyone dumb enough not to fact-check his stories. That was back when the site called itself satire in a now-deleted disclaimer. More recently, the Report wrote a tremendously popular story claiming that Facebook would begin charging users, replete with fake quotes from Mark Zuckerberg. Earlier this week it posted a story about Banksy getting arrested and identified, repeatedly debunked but still getting tens of thousands of likes.
On October 1st, National Report posted a story claiming that an entire Texas town was quarantined after a family tested positive for Ebola. The story exploded on Facebook, accruing hundreds of thousands of likes. The Report has since thrown all its fake resources into the fake story, sending a fake journalist to file fake reports from the ground about fake outbreaks, quarantines, and CDC coverups. On Monday the site claimed that a class of kindergartners had been infected by a Liberian exchange student, a xenophobic detail in keeping with the site’s right-wing tone. Now it’s pushing a story about ISIS Ebola agents in Arizona.
Facebook is the major vector for these fake news stories, partly because Facebook drives much of the traffic to news stories generally, but also because certain characteristics make it a powerful platform for disseminating rumors. Sites, no matter their pedigree, look pretty much the same in your news feed — just a headline and a caption — making disreputable sites harder to detect. You’re more likely to trust news coming from someone you know. Readers often reshare without reading, or skim quickly if they do click through. Salacious and alarming stories are more sharable than stories debunking them; Silverman's initial data shows multiple takedowns combined getting just a fraction of the shares as the original rumor. The Banksy hoax was quickly debunked by 12 different sources, and for a while the truth was winning out over the lie, but three days later the fake story has been shared almost three times as often.
The Texas quarantine story was shared almost entirely on Facebook — 0.3 percent of shares came from Twitter — which makes sense considering how quickly it would be debunked on a faster platform populated by more news-savvy users. "Twitter is more where rumors are birthed," says Silverman, "but Facebook is where things absolutely catch fire, in particular when you’re talking about hoaxes and fake news articles."
A change Facebook made earlier this year may have inadvertently made it a better vector for fake news. Facebook added "trending topics" in an attempt to highlight important, or at least popular, stories in a near real-time, Twitter-like fashion. In doing so it created new pressure for sites to quickly glom on to whatever topic trending as a way of reaching a wider audience. People have complained that this encourages shoddy, rushed reporting, but the sites best positioned to capitalize on it are the ones that don't need to report at all. I wasn't watching the Ebola section when National Report's campaign ramped up, but I've since seen stories that indicate trending topics will highlight nutty stories (pot can cure Ebola, Obama is infecting Christian's with Ebola to start a new era of liberal darkness) along with legitimate ones. By running fake stories on trending topics, these fly-by-night sites can drastically increase the number of people who see their stories, increasing the odds that their posts will go viral.
There are a bunch of them, spammy banner-ad-festooned sites like Big America News, Huzlers, Celebricity, Empire News, and others that run the spectrum from Daily Currant plausibility to National Enquirer fantasy, Ebola outbreaks to Ebola zombies. Some have disclaimers at the bottom of the site saying it's satire, or a mix of news and satire; others bury them so deep they might as well not exist. National Report used to have a satire disclaimer, but at some point deleted it (Snopes took a screenshot), leaving only a single line at the end of a hard-to-find legal page, reading, "The National Report officially states its purpose as an online portal for general news and commentary from its staff, citizen journalists and other sources, and may include unconfirmed or satirical material."
Ebola is the perfect subject for these sites. "There’s a lot on Emergent about ISIS and Ebola for the simple reason that it’s human behavior," Silverman says. "When there’s a lot of fear and anxiety and lack of information, or at least lack of understanding, humans try to talk through it, they throw stuff out there, and that births rumors." Aid workers in Africa dealing with the actual Ebola crisis have also had to contend with dangerous rumors — that Ebola itself is a hoax, that it’s a Western plot, that aid workers will kill anyone infected. Here in the States there is less to fear, but plenty of media ready to capitalize on it, whether through deliberately deceptive "satire" sites or irresponsible misinterpretations of science. The idea that Ebola is airborne is proving a particularly persistent rumor as various sites twist statements that such a mutation is not beyond the realm of biological possibility to mean that it’s possible or may have already happened. These rumors would likely be bouncing around anyway. Social media and the incentives it creates, Silverman says, simply work as an accelerant.
Obviously it's in Facebook's interest to keep its newsfeed from filling up with garbage, but it's unclear how it could stop the spread of these hoax stories. Facebook is continuing to test "satire" labels, but only in the related articles that pop up after you click on a story and return to Facebook. (The Onion summed up people’s response well.) It has attempted to algorithmically weed out misleading clickbait headlines by burying stories that people share without reading, or that people click on and immediately return to Facebook, but it’s hard to imagine a similar filter that would work for posts that deliver exactly the story the headlines promise, albeit a fictional one. Debunking fake stories has a limited effect: a Facebook data science study earlier this year found that putting a link to the rumor-debunking site Snopes into fake stories made people four times more likely to delete their link, but the story continued to spread. "This suggests that their high virality can overcome the temporary setback dealt by being Snoped," wrote the researchers.
Maybe the sites will become victims of their own success. The Daily Currant doesn’t seem to get linked to so much anymore, and it seems likely that the National Report’s Ebola spree is on its way to burning itself out. Already you can see the narratives diverging. As the quarantine ends for those in contact with Dunan, the National Report is declaring that Dallas has cancelled Halloween and infected ISIS agents are crossing the border. Hopefully panic will subside to the point that these headlines seem obviously fake to everyone, and attention will go back to the real crisis in Africa. At least until we find something new to panic about.
In the meantime, Silverman is busy with Emergent, watching how the rumors spread and get debunked, collecting data for a paper due sometime next year. He’s interested in the dynamics of online rumors generally, but the fake news sites have become an unexpected focus. "I’m actively now thinking about ways to go after these fake news sites," he says. "We need some way to crawl these sites and figure out which stories are starting to get velocity so we can counteract them, ruin their incentive, prevent them from getting the big hits. But I have no idea what the best way might be. There are so many."
Scambaiting
"Greetings in Jesus' name, dear friend, I am the widow of Idi Amin."
Chances are, you've received a scam e-mail like that more than once.
The relative of a rich African dictator is trying to reclaim a lost fortune, or a famous person is trapped somewhere with a billion dollar inheritance just out of reach. They need your help — OK, more specifically, a few thousand dollars of your cash — to get started.
Those e-mail cons often originate in West Africa, and are commonly referred to as "419 scams," after the applicable section of Nigeria's penal code. Thousands of American citizens fall for these scams each year, according to the U.S. State Department, and some victims lose thousands of dollars in the process.
But there's a growing online community of people called scambaiters who seek revenge against 419 scammers.
When they receive a 419 e-mail, instead of deleting, they reply — then they proceed to waste as much of the scammer's time as possible. Often, scambaiters will try to humiliate the Internet con artists by tricking them into creating photos, videos, or audio recordings which can later be posted on scambaiter Web sites as "trophies."
One such video recently popped up on YouTube: Two Nigerian men stand over a birdcage at a shop counter, debating whether the parrot at the bottom of that cage is dead. It's a remake of a famous Monty Python comedy sketch from the 1970s, and it's the work of scambaiter "Shiver MeTimbers," UK resident Mike Berry.
About six months ago, Mike received a scam e-mail from a man in Nigeria who claimed to be rich and dying of cancer. The scammer wanted Mike's help, and of course, Mike's cash, distributing tens of millions of dollars to charity before he died.
But the man from Lagos wasn't dying of cancer, and his story wasn't true. Through a complicated chain of e-mails that lasted more than six months, Mike persuaded him to re-create the Monty Python parrot sketch, promising to enter it in a phony film contest with a cash prize. The resulting video shot to the top of YouTube's hit rankings, and has become an instant Internet classic.
Mike Berry has been scambaiting for five years. In that time, he has posed as a priest, a pirate, a scientific researcher —even an adult-video impresario. He has published the long and often hysterical e-mail chains between him and the scammers he taunts on his Web site, and some are collected in his book: Greetings in Jesus Name! The Scambaiter Letters. But Mike insists that the site has become more than just a good joke for him; he sees it as a way to keep criminals harmlessly occupied, so they won't be able to scam real victims.
Mike manages one of many online "scambaiting" sites, 419eater.com, where he and others mentor aspiring scambaiters.
"Scambaiting is not a sport you want to jump into without previous knowledge," he says.
And he doesn't recommend trying this at home. Even experienced scambaiters are in danger when angry Internet con-men realize they've been had.
"The golden rule is: Do not give out any real information whatsoever — your name or your e-mail, the country you live in," he cautions. "The scammer who's writing you may live 3,000 miles away, but he may have friends who live near you, and these are not people you want to mess with."
Holiday Accommodation Fraud
Police are warning of fraud targeting holidaymakers booking accommodation through sites such as Airbnb, homeaway. co.uk, Holiday Lettings, Facebook and Gumtree. A report seen exclusively by The Times, from the City of London Police, Abta, the travel association, and Get Safe Online, the government’s internet security service, found that £2.2 million was stolen from people planning holidays in 2014. Victims lost an average of £899, though one individual lost £62,000 on a fake timeshare.
The most common crime involves fraudsters hacking into the accounts of genuine property owners on holiday accommodation websites, or “spoofing these websites with convincing bogus imitations”. Holidaymakers then find the villas and apartments that they thought they had booked and paid for are either non-existent or have not been reserved through the legitimate owners.
UK caravan stays have also been targeted, with adverts for non-existent accommodation posted on Facebook, Gumtree and Craigslist.
More people than ever are turning to rental sites such as Airbnb instead of B&Bs and hotels in order to save money on their holidays, and criminals are finding ways to exploit this trend.
Last month Times Money reported the case of Bertie Cripps, a surveyor from London, who lost £2,600 after booking a villa in France that he saw advertised on Airbnb, a site that more than a million British holidaymakers have used for accommodation since its launch in 2008. It vanished into thin air once he had transferred cash to the “owner”. Since his story was printed he has been contacted by others who have lost money in the same way.
Airbnb says that it monitors adverts to weed out anything dodgy-looking, but could not provide evidence that it vets potential “hosts”. Anyone could post a picture of an attractive looking villa, pretend they own it, and convince a holidaymaker like Mr Cripps to send them money via bank transfer. Airbnb has a secure platform for payment, but criminals are getting around it by convincing travellers to converse in private emails and then sending follow-up booking forms and phishing messages that look identical to genuine correspondence from Airbnb.
The police reported a similar case of a mother looking for an apartment in Istanbul with her parents and daughter on the website Holiday Lettings. She found one she liked, contacted the owner by email and was referred to his “booking agent”, to whose bank account she transferred £2,500. The advert then disappeared.
In another, a family of eight booked a property in Cornwall over the new year period. They called to ask if the house was for rent and agreed to pay £1,500 via bank transfer. It wasn’t until they had driven for five hours on December 28 to the holiday home that they realised something was wrong — another family was installed in the house. It transpired that someone had hacked into the homeowner’s account on the Owners Direct website and replaced all details with their own.
“The internet has revolutionised the way we look for and book our holidays,” says Detective Chief Superintendent Dave Clark, head of economic crime for City of London Police, “but the unfortunate reality is that it is also being exploited by fraudsters who use online offers of accommodation and flights that do not exist or promise bookings that are never made, to rip off unsuspecting holidaymakers.
“The nature and scale of holiday fraud means police action alone can only be part of the solution to this problem. Online shoppers must be vigilant and conduct all the necessary checks before booking a break to ensure the conmen are kept at bay.
“I would also urge anyone who has fallen victim to a holiday fraud to contact Action Fraud. Doing this will help the National Fraud Intelligence Bureau to identify and target those most responsible for this harmful and upsetting crime.”
As well as hacking into holiday adverts, or posting fake websites and listings on social media, the report highlights cases of customers booking flights through fake websites and receiving a fake ticket. Flights to west Africa have been a particular focus. Those on religious trips are often targeted, such as pilgrims heading to the haj in Saudi Arabia. The police also warn of fake holiday clubs, where victims are offered “free” holidays to entice them into attending a seminar and are then talked into buying a fraudulent timeshare.
The report found that a third of victims believe the fraud had a substantial impact on their health as well as their finances, with 167 people admitting that they had to receive medical treatment after the crime.
Tony Neate, of Get Safe Online, says: “A holiday is often the most expensive thing people will buy in a given year. So take your time and do as much research as you can to check the provider is safe. It is often much easier to find proof a company is legitimate than evidence they are fraudulent. Look for confirmation from others who were happy with the service, call the vendor, and only make payment arrangements once you feel as confident as possible they are legitimate. Most importantly, never transfer directly into bank accounts. None of these scams will work unless you hand over your money.”
“Trojan horse” desk
A group of apparently wealthy Italians who travelled Europe conning businesses have been caught while constructing a “Trojan horse” desk for a £1.5 million sting against a Manchester jeweller.
The desk was built to conceal one of the gang members, who could switch a suitcase containing euros for fake currency during a deal to buy gold. They were caught constructing the furniture at the hotel conference room where the deal was due to take place.
Detectives believe that the gang planned to keep the real cash in a holdall inside a drawer in the desk. This would be shown to the jeweller before a hidden accomplice switched it for an identical bag of counterfeit notes.
When police raided, they found that the cabinet drawer contained €2.2 million in counterfeit notes as well as £52,000 worth of legitimate currency.
Similar stings had been carried out across Europe in which businesses were conned out of gold bullion and jewellery worth millions of pounds.
Luigi Arcuri, 73, Nikolic Giuliano, 37, and Antonino Ballistreri, 45, were each jailed for two years and eight months by Manchester crown court on Monday after admitting conspiracy to defraud and possession of counterfeit currency.
Police described the men as members of an “international crime group” and said that although they claimed to be from France and Italy they were originally from Serbia.
The investigation began last December after four people were stopped by border officials at the UK control zone in Calais. Police found a forged Swiss driving licence and €25,000 in cash.
The same day, detectives discovered that men purporting to be Italian businessmen had been negotiating the purchase of jewellery worth €2 million from Rockefeller’s in Manchester.
The gang contacted the jewellery shop by telephone five days before the teenager and Ballistreri visited. The pair, both well dressed and wearing Rolex watches, ordered 41 high-value items. Arrangements were made to meet at a hotel and they claimed that a Swiss banker would be present with the €2 million in cash.
The two were placed under covert surveillance and were observed going to the Thistle Hotel near the Trafford Centre before buying a torch to be used by the man inside the desk.
A telephone number used to contact Rockefeller’s was found to have been used to contact other jewellers and coin merchants in the region.
Detective Inspector Rob Cousen, of Greater Manchester police, said: “This was a well-run, sophisticated scam. I suspect the quartet to be part of a much larger gang responsible for multiple frauds worth countless millions who have been operating across most of Europe. They are skilled and wellversed fraudsters, able to dupe the most security-conscious individuals
Counterfeit.com
THE grand golden doors of 500 Pearl Street, in Manhattan, have welcomed such glamorous names as Hermès, Tiffany & Co and Kering, a French conglomerate whose treasures include Gucci and Bottega Veneta. The building is not a posh hotel or department store. It is the federal court for the Southern District of New York, a favoured battleground for the decidedly unglamorous war against counterfeit goods.
The court is now the venue for Kering’s suit against Alibaba, a Chinese e-commerce giant. Kering alleges that Alibaba helps fakers sell goods on its websites. The French firm is not the only one to be incensed. On July 17th the American Apparel & Footwear Association (AAFA) demanded that Alibaba crack down on counterfeits. Alibaba insists it has extensive measures in place to do just that. It is trying to distance itself from counterfeiters, who are also accused by Kering. On August 6th Alibaba plans to argue to the court that it risks being unfairly implicated as a co-conspirator. A bitter trial looks likely.
The fight against copycats has been long and arduous. Kering’s suit is the industry’s most important in a decade—Alibaba has more than 1 billion product listings and aspires to reach consumers around the world. But its sites are hardly the only places shoppers can find copies. Fake sales are proliferating online, with counterfeiters becoming more technologically adept, more difficult to track and harder to pursue in court.
Counterfeit sales are, by definition, difficult to tally. Last year American border officials nabbed copies that, had they been genuine, would have been worth $1.2 billion. Their European Union counterparts seized €768m ($1 billion) of fakes in 2013. But these were surely a fraction of the counterfeits being peddled. Estimates for the total value of fakes sold worldwide each year go as high as $1.8 trillion.
The deluge of fakes includes everything from software and medicine to detergent and car parts. On July 26th, for example, Chinese authorities said police had raided a factory turning out huge quantities of iPhone copies. Nevertheless, watches, bags, clothing, jewellery and perfume make up most of the goods seized at borders (see chart). On July 21st the European Commission reported that lost sales due to fake clothes and accessories amounted to 10% of the industry’s revenue in Europe. This makes luxury firms shudder. They cherish their reputations for quality and exclusivity, explains Antonio Achille of the Boston Consulting Group. Ubiquitous, flimsy copies undermine them.
The problem has grown more complex as the fakery business has moved online. America’s trade representative predicted in April that online sales of pirated goods might exceed those in physical markets, adding glumly: “Enforcement authorities, unfortunately, face difficulties in responding to this trend.” Online, counterfeiters can stay anonymous, reach across borders and constantly launch new websites to evade legal action. Governments have a devilish time tracking fakes sold online and delivered by post, explains Armando Branchini of Altagamma, the trade group for Italian luxury firms. Fakes shipped in bulk, destined to be sold in physical shops, are hard enough for border guards to spot. “But when it’s a matter of millions of parcels, each with a pair of shoes or bag or shirt,” Mr Branchini sighs, “it’s quite impossible to check.”
Since it is so difficult to fight both fake-goods websites and the counterfeiting operations behind them—if you shut one factory, another will crop up nearby—luxury-goods firms are increasingly taking aim at the legitimate firms that facilitate the business of counterfeiters, such as auction websites, internet-domain registries and payment processors. Sometimes brand-owners seek these firms’ co-operation in court. Sometimes they sue them.
This has had mixed success. In 2004 Tiffany claimed that eBay was liable for the counterfeit sales on its site. eBay retorted that it could not prevent every illicit post, though it would work to remove them. Courts agreed. eBay and Google, which has also been the target of lawsuits, have systems to fight dubious sellers and advertisers. Neither, however, is foolproof.
Alibaba and the forty fakers
According to Kering’s lawsuit, Alibaba poses a new challenge. On eBay, a counterfeiter might auction one or two handbags at a time. Kering alleges that one wholesaler on Alibaba required a minimum purchase of 500 fake Gucci watches and claimed it could deliver up to 8m each month. Brand-owners tremble at the spectre of Alibaba’s 8.5m sellers hawking masses of counterfeits both within China and around the world. Kering’s investigators, for example, bought fake Gucci sneakers on Alibaba’s Taobao.com and had them shipped to New York. Kering alleges that Alibaba not only provides a platform for these sales, but encourages them. Kering complains that if you type “replica” in the search bar in Alibaba.com, the site’s algorithm will suggest “wristwatches”.
Alibaba counters that it, too, is a victim of counterfeiters and is working to fight them. The company has more than 2,000 staff devoted to the problem. They pore over dodgy listings flagged up by Alibaba’s algorithms and by brand-owners. In the run-up to its public offering last year, the firm removed 90m listings. Indeed Alibaba has acquired some weighty partners—it has signed agreements with Louis Vuitton, Coach and others to co-operate on fighting counterfeits. But its disputes look likely to heat up. The AAFA wants Alibaba to set up an automated system to take down dubious listings immediately, a demand that is unlikely to be met. The fight with Kering will continue. The two parties have already tried and failed to reach agreement outside court.
Meanwhile sales of counterfeits continue to sprawl across the internet. For example, it is common for Chinese consumers to dodge the high price of luxury goods in their own country by buying them on so-called daigou websites: a shopper might buy a handbag in Europe, then resell it on one of these websites for more than the European retail price but less than the Chinese one. Many products on such sites are genuine. Many are not.
More pervasive are the sites that pose as legitimate sellers of discounted goods. They may have domain names registered in one country, servers in another, payment-processing elsewhere and shipping from yet another place, according to MarkMonitor, which helps companies protect their brands online. Roxanne Elings, a lawyer at Davis Wright Tremaine, says one counterfeit outfit may run as many as 14,000 websites.
Firms have had some success in battling these sites, again by focusing their attention on legitimate companies that serve them. In 2010 Ms Elings helped North Face and Polo Ralph Lauren obtain court orders for domain registries to take down networks of rogue sites, and for PayPal to turn over fakers’ assets. Tory Burch, Hermès and Michael Kors won similar cases in 2011 and 2012.
Since then, however, counterfeiters have become more slippery. Ms Elings says that networks of sites are using multiple registries and myriad fake names. Joseph Gioconda, a lawyer who has represented Hermès, Michael Kors and Lululemon, says that catching up with copycats is daunting when their assets are held outside America. Kering and Tiffany had sought to freeze counterfeiters’ accounts at Chinese banks, but last year an American court refused to do so. That will make it harder to obtain foreign records that might expose counterfeit rings.
The role of consumers in all this is complex. Some are looking for the real thing at discount prices, and are deceived. Others are knowingly hunting for fakes. Both types may regret their penny-pinching. The most troubling recent trend is that online counterfeiters have discovered a new source of revenue. Some of their sites have no goods to sell, real or fake. They are simply out to steal unwitting shoppers’ card details, a business that can enjoy higher margins than any handbag.
Fake Website Traffic To Scam Advertisers
Ron Amram has been in the brand marketing business for about 20 years. In the 2000s he was media director for Sprint’s prepaid cellular group, mainly figuring out where the carrier should spend its ad dollars - print, outdoor, digital, or broadcast. TV was always at the top of the pyramid. A TV campaign was like “the Air Force,” Amram says. “You wanted to get your message out, you did carpet bombing.” But TV wasn’t cheap, nor did it solve “that age-old question: Half of my marketing is working, half of it is not, and I don’t know which half.”
About 10 years ago, not long after Google went public and Yahoo! was still worth upward of $50 billion, attitudes shifted. Digital search and display ads had the potential to reach TV-size audiences at a fraction of the price. “People thought it was going to change everything,” Amram says.
The euphoria escalated again around 2010 with the arrival of programmatic advertising, a typically banal industry term for what is, essentially, automation. The ideal programmatic transaction works like this: A user clicks on a website and suddenly her Internet address and browsing history are packaged and whisked off to an auction site, where software, on behalf of advertisers, scrutinizes her profile (or an anonymized version of it) and determines whether to bid to place an ad next to that article. Ford Motor could pay to put its ads on websites for car buffs, or, with the help of cookies, track car buffs wherever they may be online. Ford might want to target males age 25-40 for pickup-truck ads, or, better yet, anybody in that age group who’s even read about pickups in the past six months.
That’s a stunningly attractive proposition to advertisers: surgical strikes on a carpet bombing scale. Ominous for privacy advocates, sure, but nirvana for agencies, publishers, and advertisers. At long last, they’d know where every last dollar went and whether it did its job.
Amram is at Heineken USA now, where the annual ad budget is in the $150 million range. In 2013 the company replaced its old stubby bottles with a fashionably long-necked version that supposedly keeps the beer cold longer. “We had a healthy investment in TV, local media, and digital,” he says. “We thought digital would come close and compete with television in terms of effectiveness.”
Late that year he and a half-dozen or so colleagues gathered in a New York conference room for a presentation on the performance of the online ads. They were stunned. Digital’s return on investment was around 2 to 1, a $2 increase in revenue for every $1 of ad spending, compared with at least 6 to 1 for TV. The most startling finding: Only 20 percent of the campaign’s “ad impressions” - ads that appear on a computer or smartphone screen - were even seen by actual people.
“The room basically stopped,” Amram recalls. The team was concerned about their jobs; someone asked, “Can they do that? Is it legal?” But mostly it was disbelief and outrage. “It was like we’d been throwing our money to the mob,” Amram says. “As an advertiser we were paying for eyeballs and thought that we were buying views. But in the digital world, you’re just paying for the ad to be served, and there’s no guarantee who will see it, or whether a human will see it at all.”
Increasingly, digital ad viewers aren’t human. A study done last year in conjunction with the Association of National Advertisers embedded billions of digital ads with code designed to determine who or what was seeing them. Eleven percent of display ads and almost a quarter of video ads were “viewed” by software, not people. According to the ANA study, which was conducted by the security firm White Ops and is titled The Bot Baseline: Fraud In Digital Advertising, fake traffic will cost advertisers $6.3 billion this year.
One ad tracked in the study was a video spot for Chrysler that ran last year on Saveur.tv, a site based on the food and travel lifestyle magazine. Only 2 percent of the ad views registered as human, according to a person who was briefed on data provided to the study’s participants. Chrysler, which doesn‘t dispute the data, ceased buying ads on the site once it became aware of the “fraudulent activity,” says Eileen Wunderlich, the automaker’s spokeswoman. White Ops, which left out the names of the advertiser and website in its published study, declined to comment. Executives at Bonnier, the publishing company behind Saveur.tv, say they screen every impression and that the White Ops study looked at 5,700 ads, a very small number. They also say there are multiple methods for detecting nonhuman traffic, and that there’s no single standard used by the industry. “We weren’t aware of any problem or complaint. If it had been brought to our attention we would have fixed it,“ says Perri Dorset, a Bonnier spokeswoman.
Fake traffic has become a commodity. There’s malware for generating it and brokers who sell it. Some companies pay for it intentionally, some accidentally, and some prefer not to ask where their traffic comes from. It’s given rise to an industry of countermeasures, which inspire counter-countermeasures. “It’s like a game of whack-a-mole,” says Fernando Arriola, vice president for media and integration at ConAgra Foods. Consumers, meanwhile, to the extent they pay attention to targeted ads at all, hate them: The top paid iPhone app on Apple’s App Store is an ad blocker.
“I can think of nothing that has done more harm to the Internet than ad tech,” says Bob Hoffman, a veteran ad executive, industry critic, and author of the blog the Ad Contrarian. “It interferes with everything we try to do on the Web. It has cheapened and debased advertising and spawned criminal empires.” Most ridiculous of all, he adds, is that advertisers are further away than ever from solving the old which-part-of-my-budget-is-working problem. “Nobody knows the exact number,” Hoffman says, “but probably about 50 percent of what you’re spending online is being stolen from you.”
Bonnier is a 211-year-old Swedish media conglomerate. Like a lot of traditional publishing companies, it has struggled in its transition to the Internet era. Generating digital revenue to offset declines in the print business is paramount, and video ads are particularly lucrative. Last year the company began to build videocentric sites for Saveur and several of its other titles, including Outdoor Life, Working Mother, and Popular Science.
About half of Saveur.tv’s home page is taken up by a player that automatically plays videos with simple kitchen tips. In early September, the spots (How to Stir a Cocktail, Step One: “Hold the spoon between pointer and middle finger …”), were preceded by ads from Snapple and Mrs. Meyer’s household cleaning products.
The challenge for Bonnier was building an audience. That can be done organically—by coming up with lots of content, promoting it until people start watching, persuading advertisers to buy in. Or there’s a modern shortcut: Buy traffic. Which doesn’t necessarily mean fake it. Publishers often pay to redirect human users from somewhere else on the Internet to their own sites, and companies such as Taboola and Outbrain specialize in managing this kind of traffic. Website A hires Taboola, which pays Website B to put “content from around the Web” boxes at the bottom of its pages. Viewers, enticed by headlines like “37 Things You Didn’t Know About Scarlett Johansson,” click on a box and are redirected to Website A. But redirects are also expensive. In practice, only 2 percent of people on a site click on these boxes, and Website A has to compensate Website B handsomely for giving up precious visitors.
Less ethical methods are cheaper. Pop-ups—those tiny browser windows that you ignore, click to close, or never see—are one way to inflate visitor numbers. As soon as that window appears on your computer, you’re counted as someone who’s seen the ads. An even more cost-effective technique—and as a rule of thumb, fake is always cheaper—is an ad bot, malware that surreptitiously takes over someone else’s computer and creates a virtual browser. This virtual browser, invisible to the computer’s owner, visits websites, scrolls through pages, and clicks links. No one is viewing the pages, of course; it’s just the malware. But unless the bot is detected, it’s counted as a view by traffic-measuring services. A botnet, with thousands of hijacked computers working in concert, can create a massive “audience” very quickly.
All a budding media mogul—whether a website operator or a traffic supplier—has to do to make money is arbitrage: Buy low, sell high. The art is making the fake traffic look real, often by sprucing up websites with just enough content to make them appear authentic. Programmatic ad-buying systems don’t necessarily differentiate between real users and bots, or between websites with fresh, original work, and Potemkin sites camouflaged with stock photos and cut-and-paste articles.
Bonnier wasn’t that audacious. But even its own executives say the content on the video sites was unlikely to create and sustain much of an audience on its own. So they turned to several different traffic brokers—or audience networks, to use the industry euphemism. Sean Holzman, Bonnier’s chief digital revenue officer, described the practice as normal for big-time publishers, especially those rolling out new products, because advertisers won’t bother with sites that don’t already have an audience. “It was a test, a way to prime the pump and see if we could build these sites at this price point,” he says. “You usually have to keep buying some traffic, because the audience you’re getting isn’t as sticky.”
It’s also common for publishers not to tell their advertisers when they’re buying traffic, and in most cases, Bonnier didn’t. When advertisers asked, says spokeswoman Dorset, the company was open about its buying traffic. Holzman says there was no intent to deceive anyone. The company hired security firms, he adds, including DoubleVerify, to vet the sites for bots and was assured they were buying real human visitors. But he says they weren’t paying top dollar for their traffic. Among audience networks, he says, “there are some you might call Toyotas, others we’d consider Mercedes. We were priced at the Toyota level.”
The traffic market is unregulated, and sellers range from unimpeachable to adequate to downright sleazy; price is part of the market’s code. The cheap stuff is very easy to find. On LinkedIn there’s a forum called “Buying & Selling TRAFFIC,” where 1,000 “visitors” can be had for $1. Legit traffic is a lot more expensive. Taboola, for example, charges publishers from 20¢ to 90¢ per visitor for video content, targeted to a U.S. audience on desktops only. A publisher like Bonnier can sell a video ad for 1¢ to 1.2¢ per view in a programmatic auction, which is how the company sold most ads on its video sites. If Bonnier had gone with Taboola, it might be losing 19¢ per view or more.
Soon after it started buying traffic, Bonnier’s numbers began to jump. In the summer of 2014, several of the video sites had almost zero visitors, according to ComScore. By December, Saveur.tv had 6 million monthly visitors and WorkingMotherTV.com, 4 million, according to site data provided by Bonnier. In May traffic surged again: 9 million for Saveur.tv; 5 million for WorkingMotherTV.com. The numbers didn’t pass muster with at least one big ad firm: SiteScout, which aggregates and lists ad space for sale from more than 68,000 websites, says it blocks several of these new Bonnier sites for “excessive nonhuman traffic.” Bonnier says it doesn’t work directly with SiteScout and was unaware its video properties had been blocked.
(Bloomberg.com, which like Bloomberg Businessweek is owned by Bloomberg LP, reported 24.2 million unique visitors in the U.S. in August, according to ComScore. The site purchases between 1 percent and 2 percent of its traffic from Taboola and Outbrain. “In the past, we have engaged with a few other vendors,” says global head of digital Paul Maya, “but we weren’t confident in the quality of the audience, despite assurances from the vendor, and canceled those deals.”)
Bonnier declined to reveal its traffic suppliers, but an analysis by SimilarWeb, a traffic-analysis firm, shows most of it arrived from a handful of identical-looking sites with names like Omnaling.com and Connect5364. com, each describing itself as “an advertising network technology domain.” Essentially the domains work like fire hoses, pumping traffic anywhere on the Internet. They’re registered anonymously but have shared computer addresses with other sites, including one called Daniel-Yomtobian.com. Daniel Yomtobian is the chief executive officer of a traffic supplier in Sherman Oaks, Calif., called Advertise.com.
When reached by phone, Yomtobian is gregarious and friendly. He describes Advertise.com as an ad network that sells more than 300 million page visits each month to companies that want to boost their traffic. Among his customers is Bonnier, which, he says, mainly purchased his cheapest-possible traffic, including “tab-unders.” Say you’re watching a movie on Netflix. A tab-under opens up another window beneath the one playing the movie. You may never see that new window, which displays an Advertise.com customer’s website, but Advertise.com’s customer still generates another page view. Repeat a few thousand times, and you build traffic numbers.
“I’ve found Advertise.com selling every type of worthless traffic I am able to detect,” says Benjamin Edelman, a Harvard Business School professor who researches the digital economy. “And doing so persistently, for months and indeed, years.”
Yomtobian allows that tab-unders are “low-quality traffic” and that Bonnier complained about that. But he says his firm checks the traffic of its supplying partners for bots and sends only real humans to the Bonnier websites. “We would never deliver traffic that we don’t think is real,” he says. Yomtobian also disputes Edelman’s claims that Advertise.com’s traffic is worthless. After all, people sometimes do see tab-unders and click on them. “There is a huge distinction,” he says, “between worthless traffic and low-quality traffic.”
You’ve probably never visited MyTopFace.com. It’s a cosmetics advice site that sells ad slots for anywhere from 73¢ to $10 per 1,000 views, with video ads fetching far more money than display ads, according to SiteScout. As of early September, the top story on MyTopFace, an article with an accompanying video called “Smokey Eye Makeup—Kim Kardashian Look,” was at least 5 months old. Stale content seems like the worst way to attract readers, but if the readers are bots, it doesn’t matter. So MyTopFace could have made as much as $9 for every 1,000 visitors, assuming it kept costs close to zero and was able to acquire traffic at a rate of $1 per 1,000. MyTopFace ran ads from companies and brands such as American Express and Hebrew National hot dogs.
After more than a dozen e-mails and phone calls, the operator of MyTopFace agreed to meet with Bloomberg Businessweek. He’s 28, lives in Brooklyn, and introduces himself as Boris Boris (although a number of his network’s sites are registered under other names). On a warm September afternoon, he shows up at a trendy Flatbush Avenue cafe with his wife and their 1-month-old son in tow. He’s wearing a pair of brown, tortoiseshell glasses and sports a goatee with a waxed, handlebar mustache.
Boris says he was born in eastern Ukraine and made it to the U.S. when a Russian-owned business in New York heard about his Internet marketing skills through the émigré grapevine and got him a temporary visa. After a few months of fine-tuning, he helped a Brooklyn meat processor’s website vault to the top of Google searches. “They were happy, and I knew I could stay,” Boris says. “And I knew that I could find success in the USA, too.”
But Boris saw that the real opportunities in Web advertising lay elsewhere. In less than five years, he’s built a minipublishing empire, Boris Media Group, largely through the acquisition of cheap—and, often, fake—traffic. Along with MyTopFace, his portfolio includes several low-maintenance properties, such as MaryBoo.com, which offers health and beauty tips to pregnant women. Boris’s LinkedIn profile says his sites combine to reach more than 10 million viewers daily, which would get him in four days what the Los Angeles Times gets in a month.
Boris’s traffic number is difficult to verify—he declined to provide a full list of his websites. But for much of the summer, MyTopFace offered from 30,000 to 100,000 ad impressions for sale each day, according to SiteScout.
During the interview, he freely admits he buys many of the visitors to his websites. He spends about $50,000 per year buying high-quality traffic for MyTopFace from Facebook (nothing nefarious there—you create an account for your business and then pay Facebook to advertise in people’s news feeds). And then he spends another $50,000 or so on cheap traffic whose origins he isn’t as sure about. Facebook traffic is real people, and costs about 100 times more per visitor than the mysterious cheap traffic.
Bloomberg Businessweek asked two traffic-fraud-detection firms to assess recent traffic to MyTopFace; they agreed on the condition that their names not be used. One found that 94 percent of 30,000 visitors were bots; the other put the bot traffic at 74 percent. Boris didn’t dispute the findings or appear at all concerned. “If I can buy some traffic and it gets accepted, why not?” he says. And if advertisers don’t like it, he adds, “they should go buy somewhere else. They want to pay only a little and get a lot of traffic and results. If they want all human traffic, they should go direct to the publisher and pay more.”
In a later e-mail, he explains his business differently. “Our network doesn’t buy traffic, we buy advertising that brings us traffic,” Boris writes. His operation uses antibot filters, he adds, and any advertiser that does find bot traffic can refuse to pay for it. In any case, fraud would be impossible, he says.
One prominent source of Boris’s advertising revenue is Myspace. The once-dominant social network’s new owner, the ad-tech firm Viant, relaunched it in 2013 with a focus on video. It has invested in Myspace exclusives, as well as custom-made video players that other sites can embed, much like YouTube’s.
When visitors went to MyTopFace.com last summer, a Myspace player would pop up in the bottom right-hand corner of the screen. First, an ad would show, followed by the editorial content—a 15-second video of a guy driving a car at night.
The guy-driving-at-night video, called Hitboy, was one of several put together by a Myspace employee to serve as placeholders, according to Viant. They appear whenever Myspace blocks a site from showing its actual video content. That might happen, say, if the site violates Myspace’s terms or conditions or if Myspace loses the rights to show a video that had been featured.
But the placeholders are still preceded by ads. Kozy Shack pudding, Chevrolet, Unilever, and various Procter & Gamble brands such as Tampax and Always have all paid for the privilege. Boris says the checks he cashed came through an affiliate program where Viant splits ad revenue with publishers who showed its players.
Viant’s executives say they have an affiliate program, but they’ve never heard of Boris or MyTopFace.com. They declined to name a single company that participates in the program. Boris says he put the Myspace players on his sites after being contacted by a middleman, whom he won’t name. “My balls will be cut off,” he says.
Chris Vanderhook, Viant’s chief operating officer, says the company has technology that checks for nonhuman traffic. “If a website has 80 or 90 percent bot traffic, then yes, we will try to remove this site from any ad rotation,” he says. Yet Boris’s MyTopFace, which, again, according to the estimates provided to Bloomberg Businessweek, had between 74 percent and 94 percent nonhuman traffic, hasn’t been cut off. Vanderhook says that must mean Viant’s software sees some value to it. If a website has a Myspace player showing ads, he says, “we deemed that it was still quality enough to auction off.”
Myspace’s placeholder videos appeared on about 100 websites in August, according to Telemetry, a fraud-detection firm. If anything, some of the sites are even more creative than MyTopFace. Take RealMovieTrailers.com. The site lists a nonexistent address in New York as its headquarters. The phone number doesn’t work. Image searches of its designers’ headshots reveal they’re stock photos, reused hundreds of times around the Internet. The photo of one designer, Roland Henry, also shows up on a Moroccan travel site as an ecstatic customer named Mohammed Hijazi. Another, Henry Gardner, is on an erectile-dysfunction-treatment page, where he’s an unnamed customer declaring it’s “the absolute best.” The identity of RealMovieTrailers’ actual operators isn’t clear; the site’s address is registered anonymously, and no one responded to an e-mail sent to an address listed on the site.
In September, after Bloomberg Businessweek asked Viant about its content, Myspace players began showing non-placeholder videos. But if the counters embedded in the players are accurate, those placeholders are some of the most watched clips in Internet history. Hitboy has amassed 690 million views. Even bigger is Surfing, which looks like someone butt-dialed a video: five seconds of black screen with some muffled background noise. According to the Myspace counter, Surfing has been viewed 1.5 billion times. That would make it bigger than any YouTube video in history—with the exception of Gangnam Style.
Programmatic advertising has become such a tangle of data firms, marketing firms, strategy firms, and ad tech companies that it can be hard even for the biggest brands to keep track of it all. Three years ago executives at Kellogg started to notice that spots for Cheez-It, Pop-Tarts, and Special K were running on sketchy websites, hidden in pop-under windows, or compressed into screens as tiny as a single pixel. Others were displayed on sites where much of the “audience” was bots. “It turns out I’m buying from this guy down the street who opens up his coat and says, ‘Hey, you want to buy some ads?’ ” says Jim Kiszka, the food company’s senior manager for digital strategy.
The situation became more infuriating when Kellogg tried to get a simple breakdown: How much was each part of the labyrinthine digital-ad process costing? Answers were impossible to come by. Kellogg asked for itemized bills from the various ad agencies and data companies it hired, but they all refused. “It wasn’t a smoking gun,” Kiszka says. “It was more like a detective story where you had to piece together the evidence. And it was clear that in a system with that little transparency, there was bound to be problems.”
In response, Kellogg’s in-house ad department assumed control of its contracts with publishers and ad platforms such as Google and Yahoo, removing the agencies from the process. Kellogg started using software that alerted it when ads ran on suspect sites and refused to do business with any sites that wouldn’t allow third-party validators to screen for bad traffic. Kiszka says the company has seen a 50 percent to 75 percent drop in bot traffic and a significant jump in its return on investment in advertising for Raisin Bran and Corn Flakes.
Ad fraud may eventually turn into a manageable nuisance like shoplifting, something that companies learn to control without ever eradicating. Advertisers generally see lower levels of fraudulent traffic by dealing directly with publishers rather than using programmatic exchanges. Of course, that also means missing out on the scale that automation provides. Sites such as Facebook, with its billion-plus users, are relatively bot-free, if expensive, places to run an ad. Earlier this year, Facebook said advertisers would have to pay only when their ads are actually seen by humans.
There’s also the possibility that the multitudes of smaller ad tech players will get serious about sanitizing their traffic. Walter Knapp, CEO of Sovrn Holdings, a programmatic exchange, says he was as alarmed as anyone at the rise of ad fraud. He decided it was a matter of survival. “There are 2,000 ad tech companies, and there is maybe room for 20,” he says. “I looked around and said, ‘This is bulls---.’ ”
About 18 months ago, he set to figuring out how much of his inventory—ad spaces for sale—was fake. The answer mortified him: “Two-thirds was either fraud or suspicious,” he says. He decided to remove all of it. “That’s $30 million in revenue, which is not insignificant.” Sovrn’s business eventually returned to, and then surpassed, where it was with the bad inventory. Knapp says his company had a scary few months, though, and he keeps part of a molar on his desk as a memento. “I was clenching it so hard, I cracked it in half,” he says.
He dismisses the idea that it’s hard to tell genuine traffic from fake. “The whole thing about throwing your hands in the air and saying, ‘I don’t know, maybe it’s real, maybe it’s not real,’ ” he says. “You can absolutely find out.” He sees it the way Supreme Court Justice Potter Stewart saw smut. “How can you tell it’s porn? You know it when you see it,” Knapp says. “Like, go to the website, man.”
Fake Books and Fake Reviews
ANYONE browsing new ebooks in Amazon’s gardening section last weekend may have been drawn to Everything Bonsai! standing proudly at the top of the bestsellers list.
The self-published title certainly came highly recommended with a series of glowing customer reviews, each marked with Amazon’s “verified purchase” quality stamp, which is intended to show that they were written by a genuine buyer.
In fact, Everything Bonsai! had been ghostwritten in three days in Bangalore, India, at a cost of just £65. The book was riddled with inaccuracies, grammatical errors and spelling mistakes. In one instance the word “bonsai” had even been misspelt.
The positive reviews had also come at a price. They were purchased for just £56 from people who openly advertise their willingness to fabricate recommendations.
Despite assurances from Amazon this weekend that it does all it can to combat such cheats, the investigation exposes the risk that its millions of customers are being deceived by a vast network of paid-for reviewers, phoney Facebook “book clubs” and fake expert authors.
An undercover investigation by this newspaper into the robustness of Amazon’s safeguards with regard to selfpublished books was mounted following complaints from customers and authors. One reader described buying a bestselling chess guide purportedly written by Matt Sigs, a physics teacher and chess coach at the prestigious California Institute of Technology and accompanied by more than 100 positive “verified” reviews. However, the book was riddled with errors including confusing knights for kings. The Sunday Times established that no one by that name has taught at Caltech and that the reviews were as fake as his biography.
Online blogs and forums feature self-published authors boasting to have made tens of thousands of pounds from such scams. On one, a so-called Kindle gold rusher bragged of earning $150,000 a year from ghostwritten ebooks accompanied by paid-for positive reviews. Some even provided a blueprint on how to secure a slot on Amazon’s “bestseller” lists, which use an algorithm to rank the top 100 books in a range of categories. It included advice to choose niche topics where there is less competition, raising the chance of a prominent listing and higher sales.
The Sunday Times placed an online advertisement for an inexpensive ghostwriter who could quickly provide a 10,000-word non-fiction ebook about bonsai trees. Within a few hours, 17 people had applied for the job including the young woman from Bangalore who agreed to produce the book over a weekend for $100. An online profile page for the book was created describing its fictitious author, Mary Ann Evans, as “a skilled practitioner in bonsai care”.
Fake review writers were then contacted through Freelancer and Fiverr, websites where work can be advertised. Those willing to perform the task were quick to respond with one claiming he could post 300 positive reviews. On the advice of the fake authors, Everything Bonsai! was offered free for five days using Amazon’s free promotional period. During that period, 17 positive reviews for the book, purchased from four different dealers for a total of £69, were posted. Only two were removed by Amazon. Although our fake reviewers were able to download the book free, their posts were still marked as coming from a “verified purchase”.
The Sunday Times actually overspent. It took just eight positive reviews, costing £56 in total, to help the book to top place in the garden and horticulture category of the free ebook section of the Amazon UK Kindle store. The fake reviewers used a variety of tactics to get round Amazon’s safeguards. One dealer based in America had created more than 70 Amazon accounts by harvesting names and photographs from people’s Facebook profiles. They included a group of British schoolgirls as young as 15 whose identities were then used to review ebooks and other products on the site.
Everything Bonsai! was withdrawn by The Sunday Times at the end of the free promotional period to prevent any genuine customers losing out financially. Had it remained, the book and its positive reviews would have been moved to the “paid” category. While it would have faced more competition there, according to other authors the same tactics could still be applied to fix the chart. The fake reviewers had downloaded the book more than 200 times, leaving them poised to add more glowing tributes over the coming days. An analysis of the numerous accounts used by the four fake review dealers suggests more than 500 authors on Amazon may have enlisted their services to deceive customers.
David Morrison, of Publish-Nation, which provides advice and support for genuine selfpublishing authors, said: “Reviews and bestseller rankings are so important to an Amazon author’s success, but this whole system is built on trust. “Ultimately it is Amazon’s customers who are being cheated by those using fake reviews and it is in the company’s interests to tackle it.”
Amazon insisted tackling fake reviews was a priority and it would consider legal action against those involved. “Our goal is to make reviews as useful as possible for customers,” it said. “We use a number of mechanisms to detect and remove the small fraction of reviews that violate our guidelines, close abusive accounts, and in some cases take legal action. The specific accounts in question have been closed.”
Amazon's response
AMAZON, the world’s largest online marketplace, is suing more than 1,000 people suspected of selling fake reviews in one of the biggest legal actions to uncover hidden identities on the internet. The web giant is mounting the unprecedented court action to strip 1,114 alleged fake reviewers of their anonymity and force them to pay damages for the “manipulation and deception” of Amazon customers, according to court documents filed in America on Friday. It is the first time any company has taken action against its own reviewers on this scale, according to legal experts, and could have far-reaching implications for privacy and the way consumer websites are policed.
The clampdown comes after an undercover Sunday Times investigation, in which a ghostwritten ebook was published on Amazon and fake reviewers were paid to push it to the top of one of the online retailer’s bestseller charts. A number of the fake review dealers exposed in our investigation have been cited in the Amazon lawsuit. This includes one US-based dealer who stole identities, including those of British children, from Facebook to make their fake accounts appear more genuine.
In the court documents Amazon said the fake reviewers were responsible for “misleading Amazon’s customers and tarnishing Amazon’s brand for their own profit and the profit of a handful of dishonest sellers and manufacturers”. The company filed the legal complaint in Washington state, where it has its headquarters, and listed the defendants as “John Does” — the American term for an unidentified person.
According to the complaint, all the defendants were advertising fake review writing services on the website Fiverr, a platform for online freelancers, and were identified following an “extensive investigation” in which the company posed as potential customers on the site. Amazon has included a list of all the defendants’ account names on Fiverr in the complaint and are seeking a court judgment to identify the people behind them. Although Fiverr has co-operated in removing fake review dealers, Amazon claims this does not “address the root cause of the issue or serve as a sufficient deterrent”.
Earlier this year Amazon sued several websites suspected of selling fake reviews and has introduced new technology to detect suspicious posts. However, the company’s latest move shows a significant escalation in tactics, according to Ashley Hurst, a specialist in internet disputes at the law firm Olswang. “An action on this scale in relation to fake reviews is certainly unprecedented. We have seen this kind of enforcement in the music industry to protect against piracy and on a smaller scale to prevent harassment and defamation on social media. “But this is the first time we have seen it on this scale for false positive reviews. “The technology industry uses increasingly sophisticated methods to prevent this kind of unlawful behaviour, but where enforcement becomes a game of ‘whack-a-mole’ it is sometimes necessary to take action directly against the perpetrators, both to prevent the activity and send a message to others.”
That message could come with a heavy price tag, as Amazon is seeking treble damages and lawyers’ fees from the defendants. Authors and other sellers on the site who took advantage of the scam may also face action in the future. It is understood that once Amazon has identified the fake reviewers, it will use the courts to force them to turn over details of all the companies for whom they have fixed reviews.
Yair Cohen, who specialises in internet law at Cohen Davis, believes that many of the defendants will be identifiable through their payments on Fiverr. “I’ve never seen a case like this against so many people at once, but going by similar smaller actions, the next step for Amazon will most likely be a subpoena of transactions from companies like PayPal. “They may have used software to hide their location and IP address, but they’ll have to have used a bank account to take payment. You just follow the money.”
Fiverr would not comment directly on the case but said it had a record of co-operating with Amazon over fake review dealers. “As Amazon noted, we have worked closely together to remove services that violate our terms of use, and respond promptly to any reports of inappropriate content,” a company spokesman said.
Fake News This Week
There is so much fake stuff on the Internet in any given week that we’ve grown tired of debunking it all. Fake Twitter fights. Fake pumpkin-spice products. Amazing viral video? Nope — a Jimmy Kimmel stunt!
Rather than take down each and every undeservedly viral story that crosses our monitors each week, we’re rounding them all up in a quick, once-a-week Friday debunk of fake photos, misleading headlines and bad studies that you probably shouldn’t share over the weekend. Ready? Here’s what was fake on the Internet this week:
1. Yelp is not suing “South Park” and Comedy Central for defamation. Welp, our old friend Paul Horner has struck again: The longtime hoaxer, a veteran of National Report and Super Official News, penned an entirely fictional story last week about a buzzy $10 million lawsuit — and got a whole lot of news outlets to buy in.
Horner’s story, which claimed the lawsuit was inspired by the Oct. 14 episode of “South Park,” included three major tip-offs that it was fake: (1) It referenced “Fappy the Anti-Masturbation Dolphin,” another of Horner’s creations; (2) It made Horner himself a character in the story, as all of his hoaxes do (he appears in the second paragraph as a Yelp spokesman); and (3) the story appeared on nbc.com.co, one of a proliferation of knock-off news sites to come to the fore in recent months. Horner himself owns several of them.
Given all these signs, how did so many legitimate news outlets — including the San Francisco Business Times and the Week — fall for the stunt? It appears that Google News may have a role to play in this one: for several hours, the news aggregator picked up Horner’s fake article and credited it to the real NBC News. That tool is driven by algorithms whose exact function is closely guarded by Google, so it’s hard to say exactly how that happened. Horner is just glad that it did.
2. Donald Trump did not tell People magazine that Republicans are dumb. A meme circulating on Twitter and Facebook claims that the Donald dissed voters in a 1998 interview: “If I were to run, I’d run as Republican,” it claims Trump said. “They’re the dumbest group of voters in the country.”
While Trump was indeed a People fixture in the late ’90s — his name appeared in it 27 times in 1998 — he never detailed his political ambitions with the magazine. The closest we could find was a Christmas 1998 article in which Trump said he was forming a presidential exploratory committee. He also said that he’d like Oprah to be his running mate, which is pretty funny.
3. The CDC did not tell people to avoid the flu shot this year. In fact, the Centers for Disease Control and Prevention advises just the opposite: Everyone older than 6 months should have the shot. But in a frightening demonstration of exactly how dangerous hoax news can be, more than 90,000 people have shared this claim the flu vaccine doesn’t work, isn’t safe — and that the CDC admitted as much in recent days.
CDC Issues Flu Vaccine Apology
For the record, these claims appear in the fringe health site “Vibrations of Health,” and are sourced to a year-old video from the alternative news outlet “The Next News Network.” (N3’s executive director also believes the U.S. government runs secret concentration camps for political dissidents — he’s been profiled by the Southern Poverty Law Center for it.)
While last year’s flu vaccine was less effective than usual, that doesn’t mean it doesn’t work. The flu virus is a constantly evolving organism that varies from year to year, and so do the vaccines that protect against it. Last year, a particularly common strain of the flu virus mutated, or “drifted,” away from the version that the vaccine was formulated for. (It still protected against several other strains.) The CDC does not expect that to happen this year, and has published a detailed guide to who should get the vaccine and how it works.
4. A man (probably) didn’t discover his wife was cheating on Snapchat. A series of incriminating Snapchats have been making the Internet rounds, appearing everywhere from the Daily Mail to Complex to Elite Daily: A woman was snapping her husband some sexy pics, the story goes, when he noticed a pair of men’s boots in the background and accused her of cheating.
We can’t be totally sure this one is fake — I mean, Snapchat divorces do happen — but the fact that the photos originated on The Chive are enough to raise suspicions. The site has a record of viral hoaxes, including the recent story about a couple finding $50,000 in a safe in their floor. We’ve contacted the company that owns The Chive and will update if we hear more.
5. A man did not commit suicide over the black character in “Star Wars VII.” More than 100,000 people have shared this story from obvious hoax-site NewsWatch33, which claims a 53-year-old North Carolina man killed himself over the whole #BoycottStarWarsVII thing. NewsWatch33 is not a legitimate news source, which you’d hope people could figure out from the glitchiness of the site itself and the proliferation of ads for “ridiculously dirty photos.”
6. While we’re on the subject of “Star Wars,” though, it’s also worth pointing out that the “trending” hashtag #BoycottStarWarsVII was actually a fringe echo chamber started by a few racist trolls.
7. And while we’re on the topic of NewsWatch33, it is also not true that a woman was arrested for “trying on tampons” at a Walmart store. In the past two weeks, versions of this story have appeared not only on NewsWatch33, but on the (affiliated?) hoax sites Daily Media Buzz and Now8News. The story’s racked up more than half a million shares between the three, despite the fact that it’s — ugh — patently untrue.
Elton John and Vladimir Putin
SIR ELTON JOHN was warned by his husband that a supposed phone call from Vladimir Putin was probably a hoax — but fell for it anyway.
David Furnish, right, is taking control of Elton John’s business empire, which includes the theatre company that produced The Lion King, and a sports management agency
The recent prank by two Russian television comedians claiming to be their country’s president and his press secretary created headlines around the world and left the Rocket Man embarrassed.
Yet the singer had been warned by his partner of 22 years that there was a strong possibility the approach was an ill-humoured joke. “The minute the call came in, I said, ‘Please, please, let’s make sure this isn’t a hoax’,” said David Furnish, who married John last December. After an initial approach, Furnish tried to verify the identity of the callers and found the comedians had used the correct names, and supplied phone numbers for real officials inside the Kremlin. “It was extremely well set up,” he added. “When it turned out to be a hoax, we were so disheartened.”
The prank emerged in September after John thanked Putin publicly on social media for “reaching out” to discuss gay rights in Russia. The Kremlin subsequently rushed out a statement saying no conversation had taken place.
A few days later, the comedian Vladimir Krasnov admitted he had been the fake Putin while his sidekick, Alexei Stolyarov, had performed as press secretary and translator.
The joke has backfired, however. Not only did the real Putin call the singer at his Windsor home to apologise for the prank, but now the Russian leader has agreed to a face-toface meeting to discuss the issues. “We’re in discussion with the Russian embassy right now — we’re working on finding the date,” said Furnish.
Last night, when addressing the Oxford Union as a guest speaker, John said he would use his twin loves of football and music to try to connect with the Russian leader but remained cautious about his ability to make inroads in changing Russian policy.
He said: “When I learnt Putin was introducing vile new laws . . . I wanted to contact him. I’m thrilled he has accepted. I’m lucky if I can achieve anything.
“There is only one choice — hate and fear us, and make life s*** for everyone, or love us, and make it better for all of us.”
John has become an influential global figure in promoting gay rights and battling HIV and Aids. The Elton John Aids Foundation has just won a $5m (£3.3m) award from the American government to fund the roll-out of HIV treatments and support services in 10 African countries where homosexuality is illegal, including Kenya, Tanzania, Uganda and the Democratic Republic of Congo. The award matches the amount the foundation is spending on the project from its own funds.
Cosmetic Surgery and Ugly Children
You may recall the story of a husband suing his wife for failing to declare she had had plastic surgery after their children turned out "ugly".
The story was actually a fabrication which a Chinese tabloid attached to the above image. And it's the image Heidi Yeh says ruined her life.
Yeh was an aspiring model when she posed for the photo for a cosmetic surgery company in 2012.
She was positioned in the family portrait style shot alongside a male model and three children whose faces were photoshopped to be given unflattering features.
The caption that accompanied the advertisement read: "The only thing you'll ever have to worry about is how to explain it to the kids."
Yeh signed a contract which stated the ad would run in local newspapers and magazines. But the agency, J Walter Thompson (JWT), later allowed another plastic surgery clinic to use it on its website and Facebook page.
It didn't take long for the image to take on a life of its own with a tweak of the caption to: "Plastic surgery: You can't hide it forever."
A Chinese tabloid picked up the image and attached it to a fake story about a husband who sued his wife when he found out she had plastic surgery before they met.
Yeh told the BBC she first heard about it from a friend, and considered it "a one-off rumour."
"Then I realised the whole world was spreading it and in different languages. People actually thought it was real. Even my then-boyfriend's friends would ask about it."
The picture and accompanying stories appeared in Google searches in several languages including Arabic, English and Japanese.
In her tearful interview, Yeh said the meme going viral is to blame for everything that happened next: She was dumped by her embarrassed boyfriend, her career was ruined, and she has become a global laughing stock and the subject of nasty gossip.
Detecting Wine Fraud
The man they call the “wine detective” can usually sniff out a fake within 15 minutes — although sniff is probably the wrong word because the one thing you cannot do, when determining whether or not a £200,000 bottle of Château Lafite is the real deal, is open it.
Instead, Michael Egan has developed a very particular skill that is now more in demand than ever. The fine wine industry is in a race to develop new antifraud technologies after recent scandals laid bare how brazenly counterfeiters had been flooding the top end of the market with fakes, duping wine connoisseurs and contaminating the cellars of the richest collectors.
Enter Mr Egan. He fully expects that the new generation of tracked and traceable bottles — with their laseretched barcodes, labels featuring UV-sensitive fibres and seals that can be identified by a unique pattern of randomly generated bubbles in the resin — will eventually put him out of a job. Until then, he charges clients about €200 an hour to sleuth aroundd their cellars and identify which bottles are bogus.
As the market finally wakes up to the scale off fine wine fraud, Mr Egan says he has never been so busy. “At the beginning, a lott of people were fooled,” he said, referring to the American collectors, auctioneers and highrolling drinking clubs who weree taken in by Rudy Kurniawan, the conman currently serving a ten-year prison sentence for arguably the biggest wine fraud in history.
Mr Egan, 57, who spent 24 years in thet wine department at Sotheby’s, was the main expert witness at the trial last year. “Counterfeiters prey on people’s gullibility . . . It was very much like the emperor’s new clothes,” he says.
So how do you tell? First, you can’t taste a fake. “You can’t smell the difference between a Petrus ’47 as opposed to something from [another] château of the same year,” says Mr Egan, who was born in London but is now based in Bordeaux. “Also, in my opinion, the older a wine gets, the less you can pinpoint, because of the variations in storage. Generally speaking, they lose their identity a bit. So opening the bottle and tasting it is not the definitive identity of a fake.”
He relies instead on clues on the bottle, label, cork and capsule. He may check thousands of bottles each week, inspecting the details through a digital microscope he plugs into his computer. “It’s a visual examination. So I check the bottle itself, whether it’s of the era or more modern. Some of the bottles are decades out. Even with very good, colour photocopier laser printing, the lettering is pixelated.”
Patina is also a good indicator. “Under normal storage conditions, you have dirt and dust all along the bottle, not just on the label. If there’s very little sediment, there’s another reason there might be something wrong with it. There’s also knowledge of the production levels at the time. So if you see unlikely blips of activity of certain wines, certainly that raises questions.”
In other words, if someone presents a caseload of the rarest Burgundy from a year when only a handful of bottles were produced, give them a wide berth. He believes the scandals have provided a welcome “corrective” to the inflated market, returning the spotlight to real fine wine that can prove its provenance. Next month the second part of the cellar amassed over 50 years by Don Stott, a New York financier and philanthropist, is expected to fetch about $3 million in New York.
Mr Egan says: “I’m not infallible by any means. I could make a wrong judgment but that’s the nature of the beast. All I can play on is my experience. I like to see justice being done.”
WashPo Gives Up
There is nothing — NOTHING — too crazy for the Internet hoax beat. Pregnancy by flu shot? Six days of total darkness? In the past 82 weeks, I’m prettyyyy sure I’ve seen just about everything.
We launched “What was Fake” in May 2014 in response to what seemed, at the time, like an epidemic of urban legends and Internet pranks: light-hearted, silly things, for the most part, like new flavors of Oreos and babies with absurd names.
Since then, those sorts of rumors and pranks haven’t slowed down, exactly, but the pace and tenor of fake news has changed. Where debunking an Internet fake once involved some research, it’s now often as simple as clicking around for an “about” or “disclaimer” page. And where a willingness to believe hoaxes once seemed to come from a place of honest ignorance or misunderstanding, that’s frequently no longer the case. Headlines like “Casey Anthony found dismembered in truck” go viral via old-fashioned schadenfreude — even hate.
There’s a simple, economic explanation for this shift: If you’re a hoaxer, it’s more profitable. Since early 2014, a series of Internet entrepreneurs have realized that not much drives traffic as effectively as stories that vindicate and/or inflame the biases of their readers. Where many once wrote celebrity death hoaxes or “satires,” they now run entire, successful websites that do nothing but troll convenient minorities or exploit gross stereotypes. Paul Horner, the proprietor of Nbc.com.co and a string of other very profitable fake-news sites, once told me he specifically tries to invent stories that will provoke strong reactions in middle-aged conservatives. They share a lot on Facebook, he explained; they’re the ideal audience.
As manipulative as that may seem, many other sites are worse: there’s Now8News, which runs outrageous crime stories next to the stolen mugshots of poor, often black, people; or World News Daily Report, which delights in inventing items about foreigners, often Muslims, having sex with or killing animals.
Needless to say, there are also more complicated, non-economic reasons for the change on the Internet hoax beat. For evidence, just look at some of the viral stories we’ve debunked in recent weeks: American Muslims rallying for ISIS, for instance, or Syrians invading New Orleans. Those items didn’t even come from outright fake-news sites: They originated with partisan bloggers who know how easy it is to profit off fear-mongering.
Frankly, this column wasn’t designed to address the current environment. This format doesn’t make sense. I’ve spoken to several researchers and academics about this lately, because it’s started to feel a little pointless. Walter Quattrociocchi, the head of the Laboratory of Computational Social Science at IMT Lucca in Italy, has spent several years studying how conspiracy theories and misinformation spread online, and he confirmed some of my fears: Essentially, he explained, institutional distrust is so high right now, and cognitive bias so strong always, that the people who fall for hoax news stories are frequently only interested in consuming information that conforms with their views — even when it’s demonstrably fake.
Had I written this column as normal this week, I probably would have included, say, this widely shared post on Before It’s News that claimed an Alaska judge called for Obama’s arrest. But Quattrociocchi has found (and this is perhaps intuitive) that the sort of readers who would unskeptically share such a far-fetched story site are exactly the readers who will not be convinced by The Washington Post’s debunking.
To me, at least, that represents a very weird moment in Internet discourse — an issue I also addressed earlier this week. At which point does society become utterly irrational? Is it the point at which we start segmenting off into alternate realities?
“What Was Fake” has had a good run, but the nature of Internet misinformation has changed — so as the year winds up, we’re going to change, as well. Thanks for reading over the past year and a half! And remember: If in doubt about a news item on an unfamiliar source, please click the “about” or “disclaimer” tab.
Fake Stradivarius
The global violin market is saturated with fakes and the “lure of the Stradivarius” is catching out billionaire investors, according to a leading dealer.
Florian Leonhard said that of the $4 billion of violins traded annually, up to a third of those within the $20,000 to $100,000 range were phoneys.
One in ten sold with a valuation upwards of $1 million were also fake, according to Mr Leonhard, a classical instrument dealer, restorer and maker based in London.
He said that he had informed a Czech millionaire that the $50 million he handed over in a bonded warehouse in Switzerland for what he thought were 18th century classics had secured three $500 violins.
“Faking has always been a problem since the outset of the violin trade,” he said. “People change labels for some quick financial gain. There are a dauntingly high number of fakes sold each year.” Mr Leonhard, who claims to know the whereabouts of almost all the 650 Stradivarii made by the Italian master craftsman, said that the difficulties in authenticating them meant that struggling musicians and billionaire investors would all get duped. “Musicians have a naive side but even investors, who think because they have made a lot of money they are in control, also have a naivety when it comes to instruments. It is such a specialised field. Certificates are easy to fake.”
The limited number made by Antonio Stradivari and his fellow master Giuseppe Guarneri del Gesù from their Cremona workshops in Italy in the 17th and 18th centuries has ensured the instruments remain an attractive investment. Although one Stradivarius, the Lady Blunt, was sold for a record-breaking $16 million in 2011, a couple of other instruments failed to sell last year for what would have been world records.
Mr Leonhard, who has supplied classical instruments to some of the world’s finest musicians from his Londonbased Fine Violins company, said that billionaires tended to circulate the instruments in private deals away from auction houses. He said that about 25 instruments valued above $5 million were traded each year with another 70 valued at above $1 million. “They enjoy owning these pieces and don’t want people to know how much they paid for it. If you have an art collection and one day you dispose of it, you do not want everybody to know how much you paid for it,” he said.
He said that the increasing demand in China — 30 million people are estimated to play violins there — had increased the fraudulent trading. “Everybody there fiddles with labels and certificates because there is nobody to say ‘no, that’s not right’,” he said.
The more money somebody spent on a violin, the more chance they would call in an expert to authenticate the instrument. “The lower the price, the more rogue people have the ability to put their hands on something and try to pass it on,” he said. “There are always new victims.”
He added that although modern violins could almost replicate the rich sound of a Stradivarius, investors still wanted the old one. “One hundred thousand people want to buy a Stradivarius but there are only 650. Modern violins can be as good as the old ones but there is not a threat to the Stradivarius brand because it is the original. You can copy Picasso but it is not what people want. They want a real one.”
Fake App Reviews
Glowing endorsements and stolen celebrity identities that are used to boost sales can be bought for as little as £1 each.
CONSUMERS are being duped into downloading apps by fake reviewers using stolen images of celebrities, elite athletes and even a United States congressman, an investigation by The Sunday Times has found.
Posing as an app developer, an undercover reporter released a shoddy and ineffective lie-detector app called Spot the Faker! for iPhone and Android handsets. The appeal of the app was boosted with dozens of fake five-star reviews bought from social marketing companies. After just two weeks the Android app had accumulated 47 five-star ratings on the Google Play store.
The iPhone app had 12 fivestar ratings on the rival iStore.
The glowing endorsements were bought for a total of £120 from three companies that openly advertised app review selling services and were prominently listed on Google’s own search engine.
One of the companies boasted that it could provide orders of up to 500 reviews at a time. Another said that it circumvented the controls of Apple and Google by slowly drip-feeding the fake reviews into their stores.
Most of the reviews provided by these companies were posted from the accounts of so-called “sockpuppets” - online identities created partly or wholly from the details of real people for the purpose of deception. The positive reviews for Spot the Faker! included stolen photographs of a 21-year-old woman from Hadfield, Derbyshire; America’s longest serving congressman; an Oscar-nominated actress; an Olympic swimming champion and a German pop star. Spot the Faker! was not the only app to receive reviews from this network of sockpuppet accounts. Reporters identified more than 100 other Android and iPhone apps that had benefited from fake reviewers.
In some cases the sheer number of fake five-star reviews obscured the one-star reviews from customers who had posted warnings that an app was a “scam” or had compromised their data.
Other apps bolstered by fake reviews were aimed at teenagers, children and even toddlers. Users were then bombarded with internet advertising.
This weekend Apple and Google said they had systems in place for detecting fake reviews and would remove anyone found responsible for them from their sites. But experts called for a renewed effort by the companies to tackle the fake-review “factories” located around the world.
Professor Alan Woodward, a cyber-security expert from the University of Surrey, said: “There are so many dummy accounts out there. There’s a whole industry of these bots churning out fake IDs and reviews.”
One of the “factories” is located in the Philippines on the island of Cebu — marketed as “the gateway to a thousand journeys”. Social Marketeers is a company run by Richard Roles, an expatriate entrepreneur living on Cebu after leaving Aldershot in Hampshire. “All for one and one for social media” reads the website’s slogan. Social Marketeers, which offered to create and post fake reviews for apps, also boasted that it was “the No 1 most trusted social media warehouse” and had taken more than 42,000 orders.
One of them, for 20 iPhone reviews priced at $24 (£17), was placed by a Sunday Times reporter. While the reviews were not posted before Spot the Faker! was intentionally withdrawn, Roles, 26, appeared unrepentant.“Sometimes in life people just need a little boost on their apps . . . their apps suck, hence why they want to buy it [the review] to look popular and make it go viral,” he said. He added that he had now stopped selling reviews after having received a “cease and desist” order from Apple.
The registered address for Social Marketeers is a house near Aldershot owned by a retired couple, who said that they had no knowledge of the company or its founder. Roles said that he had picked it at random: “It’s an address near where I used to live, because we didn’t want our competition to know who we were. “This industry is very violent. Most of these sites are based in India and Africa. We’ve had threats from some because we were ranking higher in Google searches.”
Some of those duped by fake reviews from firms such as Social Marketeers are also in danger from malicious apps that steal personal data.
In November last year Apple and Google were forced to withdraw an app that claimed to track Instagram photographs after a developer discovered it was stealing users’ passwords.
The malicious app had been boosted by fake five-star reviews and downloaded up to 500,000 times before finally being taken down.
In response to our investigation, Google said: “We have strict policies against creating fake reviews or ratings on Google Play. We constantly remove and enforce against inappropriate behaviours through automated detection or as soon as we are made aware of them.” Apple said developers who “attempted to manipulate or cheat the user reviews and rankings with fake or paid-for reviews” would have their apps and Apple accounts deleted.
Some experts believe current safeguards and customer protection are inadequate.
Stuart Miles, who runs Pocket-Lint, a technology review site, said: “Services like Google and the Apple app store want people to write reviews because they want the content to be there. It adds to the sales data and the product page.”
Phish Finding
Mails with serious content in an official tone, final notices or seemingly technical issues are enough to unsettle most readers. Often, this is an attempt at cheating you out of your money as I described last week. How can you catch on to the scammers, where do they give themselves away? The first step is to realize that your personal information is already in the wrong hands.
Phishing mails seem twice as credible when they already contain the correct name, address and even your bank information. This information can come from various sources. Maybe one of the companies you recently dealt with was hacked. Entire collections of stolen user profiles are available for sale on the dark web, the part of the Internet that requires specific software and authorization that is frequently used by criminals. Have you ever had a Trojan on your PC? This type of malware collects your every input and can create extensive user profiles. Have you recently participated in an online raffle or similar offers that require you to provide your personal data? Hosters of free services finance their offers through the sale of customer data sets among other things. It pays to think twice before you give away your real name, address and bank information. It's easy to change your email address but your place of residence or your bank account? Not so much.
How to identify phishing mails
Look for irregularities. Did the sender write to you before? What about spelling and syntax? For example, many scammers use Google Translate to create mails in foreign languages. These mails contain valid words but in weird combinations. As native speakers, your bank, PayPal or whoever supposedly wrote them usually do much better.
Time's running out!
That's the essence common to many phishing mails. Unless you're facing bankruptcy or love to collect final notices no respectable company will write to you in this manner. This pressure is built up to make you act rashly, give away your data or make that urgent transfer. But frozen bank accounts and property seizures are always the last resort and don't happen over night. So stay calm, think and contact the companies mentioned through regular channels (phone / email). Don't use the contact address provided in the mail as this may lead you to other criminals that will try to convince you of its validity.
Online banking is often the focus of criminal actions
No bank requires your data, PINs or TANs! Whenever you're prompted to input your user name, password or even transaction codes, something's fishy. The authors of such emails are crafty in finding new reasons for you to "confirm", "verify" or input data for "further processing". Your bank already has all the information otherwise you wouldn't be able to log into your account in the first place. Scammers also like to pretend that your account has been suspended or hacked. Again: Call your bank and sort things out. If a wave of spam mails is under way, your bank will most likely clear this up with you quickly.
Don't open attachments and don't click on any links if you're uncertain about their contents! Even good antivirus software cannot provide 100% protection against all Trojans and other malware. Very popular: Links hidden in a PDF document (e.g. to display the status of your package delivery) that will lead to a download link for a Trojan so the original attachment is clean but the link target is not. Bad!
It's unlikely that you're the first to receive this mail. Numerous sites deal with this topic and provide up to date examples. If you find weird phrases simply copy them into Google Search. In all likelihood, you will quickly discover fellow users with the same problem so the issue gets resolved soon.
Scammers are currently using a new scheme on Facebook. Using fake profiles that resemble those of your friends, users will ask you for your cellphone number. Instead of a message, you will receive an SMS with a code. While you're still trying to make sense of this, your "friend" will then ask you for that code. If successful, you will be charged for the message by common payment providers such as PayPal, Buy with Mobile or their offspring Zong on your next cellphone bill. Solution: Adjust your privacy settings so that only your friends can view your list of Facebook contacts.
Does the mail contain links? Simply hover your mouse over them, don't click. Most email applications will already display the link target this way. Make sure it's the right company and pay attention to every detail as scammers tend to use addresses that are very similar to the originals.
If you're willing to dig a little deeper into the technical details, you may also want to analyze the email header. Because what is usually simply displayed as a name in our email applications contains a lot more information than that! Visit iptrackeronline for further details.
Still uncertain? Visit the company site the mail supposedly refers to (before you open any attachments or click on any links in the mail!) and log in as usual. Whether it's your bank, Amazon or PayPal, if the mail is legitimate, you will find similar messages or notifications in your user account. If there aren't any feel free to delete the mail.
You see, the best security system still sits between your ears! Be vigilant and stay calm when you receive mails you can't immediately make heads or tails of. Run a full virus scan. Most Trojans will be detected and eliminated by your antivirus program. Modern online banking methods, alert users and good antivirus applications are making it harder for these phishing attacks to work yet the yearly damages caused are estimated to be in the billions. And even if the worst happens, you're not alone. Back in 2009, highly indecent sexual statements seemingly made by English MPs attracted a lot of attention on Twitter. These MPs had carelessly entered their user names and passwords in response to a phishing mail.
Medicare Fraud and Bounty Hunters
JOHN MININNO SLAPS two pieces of paper onto an overhead projector. “Look at this,” he says. “You see how one form is a photocopy of the other—with just the date changed? It’s exactly the same paper!” The printouts are mere insurance forms, but Mininno is genuinely pissed off about them. “They’re allowed to bill for that procedure again six months after they first provide it. That date is six months to the day!”
Not everyone can get this worked up about insurance forms. But to Mininno, these are a combination of smoking gun and a slap in the face. Together they clearly show that someone is ripping off Medicare. But perhaps what’s worse is that someone is being really lazy about it.
If Willie Sutton had to choose a criminal career today, he’d be ripping off Medicare too. As the bank robber supposedly said: That’s where the money is. The program spends more than $600 billion a year on health care for 54 million people, most of them seniors. It is a massive pool of underguarded funds ripe for skimming. By the government’s own accounting, fraudsters scammed $60 billion from Medicare in 2014, and the losses are growing. Since 2007 more than 2,300 health care providers have been charged with fleecing Medicare, and more than 1,800 defendants have been convicted of felony offenses, ranging from claiming phantom services to performing unnecessary surgeries.
Finding a whistle-blower requires a nose for mischief, a gift for persuasion, and the technical chops to identify patterns in thickets of diagnostic codes and billing data.
Scams are run so often, by so many people, that dedicated government investigators can’t keep up: In 2014 prosecutions initiated by the government led to a mere 31 settlements yielding $88 million in fines. Luckily, there is another defense against Medicare fraud: whistle-blower lawsuits. Under the federal government’s false claims statute, any insider can sue a company that’s providing fraudulent services, on the government’s behalf. If the whistle-blower lawyers are successful, the plaintiffs collect 15 to 30 percent of the settlement as a bounty. In 2014 there were 469 of these health care fraud settlements—many involving huge pharmaceutical corporations and hospital networks—resulting in $2.2 billion in fines.
The problem is that even with this financial incentive, whistle-blowers can be skittish about coming forward and often are ill-prepared to present solid evidence. “When a whistle-blower goes to the government by himself,” says Patrick Burns, an antifraud activist in Washington, DC, “the whistle-blower is disorganized. They’re hot, and they don’t stick to just the facts. He’s pissed off because he was fired, and when angry people call you up, you just assume, ‘Crazy loser, you’re a nut job.’”
Professional whistle-blower lawyers are much better at arguing a convincing case. But lawyers aren’t always the best investigators. Sometimes finding an insider requires a nose for mischief, a gift for persuasion, and the technical chops to identify nonobvious patterns in impenetrable thickets of diagnostic codes and billing data. Sometimes it takes a bounty hunter. Someone like John Mininno.
A BROAD-SHOULDERED former college linebacker who speaks in the blue-collar brogue of central New Jersey, Mininno is an unlikely big-data entrepreneur. After working his way through law school, he spent 18 years representing victims of medical negligence. What he saw made him angry. “I had a wrongful death case, a woman who went into a nursing home for rehab on a hip fracture,” he says. While under the facility’s care, the woman suffered a host of injuries, from a fractured tibia and ankle to severe pressure sores. Mininno argued in court that her death was preventable, had anyone simply repositioned her from time to time. “They put her in a room, they billed her insurance, and they didn’t pay attention to her. It became clear to me that these were large corporations trying to monetize people’s insurance. It’s disgusting.”
Over the years, Mininno developed a reputation as a lawyer who knew how to find evidence of fraud in billing patterns, and in 2011 he was approached by a financier who needed help vetting some investments in health care companies. Were these companies really profitable, or were they padding their financials with fake Medicare billings? He asked Mininno to shine a light and see if any cockroaches scurried out of those company records.
Around this time, a mountain of information on health care providers was becoming publicly available. In response to a Freedom of Information Act verdict, the Centers for Medicare and Medicaid Services (CMS) released data on tens of thousands of medical practices. It was a detailed catalog of all the procedures those practices provide to seniors and what they’re paid to provide them. At the same time, various citizen journalists and data scientists were using Freedom of Information Act requests to get CMS data on physician referrals, which they assembled into a map of doctors who refer patients to each other—a network with 50 million connections—and the prescribing patterns of those doctors.
As a lawyer, Mininno looked at this trove and thought, “This is a massive business opportunity.” Whistle-blower law firms have to advertise, because they need informants to come out of the woodwork. Then they need to qualify those sources—do they have enough evidence? Then they have to figure out whether the scale of the fraud (and thus the likely payout) justifies the work they’ll have to plow into it, because they don’t get paid unless they win. This is time-consuming and expensive.
From his days as a lawyer and his work looking through company medical records, Mininno knew what kind of footprints to look for in the data: what the scams are and how those scams are coded up for reimbursement. Without this knowledge, algorithms will churn up thousands of false positives. For example, you can’t look at just medical practices that administer high volumes of pricey medications—there are doctors who legitimately administer extremely expensive injectable drugs, like chemotherapy, in their offices. There are clinics in areas where patients are sicker, and therefore more expensive to care for, than the general population. In other words, there are plenty of legitimate reasons for outliers to be outliers.
Fraudsters aren’t necessarily the biggest billers—it’s a bit of a myth that fraud lives at the end of a bell curve. But they do have some distinctive ways of doing business, if you know what to look for. Mininno realized he could build a business around using data to find certain patterns, identify likely informants (usually former employees), and turn them into false-claims plaintiffs. He didn’t have to wait for whistle-blowers to walk through his door—or advertise like the big whistle-blower law firms. He could use analytics to troll for sketchy providers and insiders, transforming that rare, long-odds game into a quantitative, target-rich discovery process with gumshoe work on the back end. Mininno pitched the idea to his Wall Street client, who became his angel investor. The National Healthcare Analysis Group was born.
If you’re hunting for a big-game trophy, the first thing you’ve got to do is eliminate the targets that have already been tagged—only the first plaintiff to file gets a payout. So Mininno designed a system for combing through SEC filings to eliminate health care organizations that were already being investigated.
To identify potential informants, his developers assembled a database of 70,000 health care workers and their employment histories, scraped and extracted from publicly available sources. The ideal informants are well-qualified nurses who worked for a suspicious clinic, but only for a few months, then immediately got another job. They were obviously good employees, but something they saw on the job likely made them leave. Mininno cold-calls them. “For the most part,” he says, “people are open and honest and want to tell their story.”
To wrangle Medicare billing data, he became the first paying customer of a Portland, Oregon, startup called Carevoyance, which had cross-linked dozens of databases to identify referral networks. If a practice has been investigated, it’s worth knowing who sends them patients, or vice versa.
To catch a crook, it helps to think like a crook. And crooks cut corners. Sometimes, they’re too cheap to resolve contradictions between their Medicare claims and what they tell state tax authorities. So when Mininno sees a practice where, according to Medicare records, nurses never miss a day’s work, he pulls unemployment claims. Because when aides are laid off, they file for unemployment. But their bosses, who’ve been billing for the services of these never-absent, superproductive health workers, try to duck unemployment claims by asserting they were fired for not showing up for work. The billing data, which shows indefatigable employees, and the employers’ claim that these same nurses were absent and unproductive can’t both be right. Such a practice is a likely candidate for investigation. There are ways, Mininno says, to “poke holes in the perfect paperwork and the perfect data.”
But data, algorithms, and geeks weren’t enough. To get his venture going, Mininno needed his first insider, one willing to put their lips on the whistle and blow. Then he had a lucky break. A source from his days working for that Wall Street investor called and said: “There’s a gentleman who’s been sharing some stories with me. You might want to talk with him.”
MININNO WALKED THROUGH the double glass doors of a Midwestern diner. He was meeting Alex, the nurse his source had hooked him up with. The guy was built like a refrigerator. He hadn’t shaved in days, and he was hungry for pancakes.
“You must be John,” he said. Mininno nodded. They followed the hostess back to a table where they sipped coffee and made small talk. As Alex demolished an extratall stack of blueberry pancakes with powdered sugar, Mininno described his company’s mission: Nail the bad guys and compensate people who step forward with the evidence to make that happen.
A weight seemed to lift from the informant’s mind. He’d been working at a home health clinic that sent nurses to help people after they’d been released from the hospital, and the clinic was essentially stealing money from the government, he said. He knew what he’d seen was wrong. But he hadn’t known there was anything he could do to stop it. And now Mininno was offering a share of the settlement if he could help prove the company had engaged in fraud.
“I’m in,” Alex said. (Some names and identifying details in this story have been changed.) Over the next three hours, he laid out the machinations of a Medicare profit mill: Nurses were instructed to skip patient assessments and provide services whether seniors needed them or not. Patients who needed more visits didn’t get them, because repeat visits lowered profitability. The practice plied retirees with free trips to casinos and paid doctors kickbacks for referrals.
“Dirtbags,” Mininno thought. “This is incredible. But I need the nuts and bolts.” Was there anyone else with access to records that could prove this? “The IT guy,” Alex replied. “He lives in Atlantic City. He runs all the computers.”
A few weeks later, Mininno shuffled into a casino. He stood in the doorway as poker players stared at their cards. He had no idea which one to look for. Then, from the table closest to the door, a sharp set of eyes in a sharp-featured face looked straight at him. It was his guy, a computer programmer named Oscar. He was conspicuously alert, intelligent, the kind of guy who thinks a hundred miles a minute and doesn’t need much sleep. At night, he played poker. By day, he ran the IT infrastructure for Alex’s erstwhile employer, which had mushroomed into a multimillion-dollar operation.
Over steaks, Mininno gave his pitch some torque. “Listen,” he said, “if I’m here talking to you about your employer—if our little company can find this—it’s only a matter of time before someone goes to the authorities.” There were two options: Help the investigation before the company was busted and collect a slice of the settlement, or be interrogated later as the head geek of a fraudulent organization.
“I need some time to think about this,” the programmer said.
“Take all the time you need.”
A month later Mininno got a data file from Oscar. The numbers showed systematic gaming of Medicare reimbursement rules. One part of the scheme allegedly worked like this: Medicare pays a provider based on the number of visits to a patient’s house in a 60-day period. If the provider makes up to nine visits, it gets reimbursed $2,200. For 10 visits or more, the provider gets an additional $2,200, because the case is assumed to be more severe and complex. A chart of visits per patient in 2007 showed that five times as many patients were getting 10 visits than were getting nine visits. When Medicare changed its rules in 2008 to set payment thresholds at six, 14, and 20 visits, the frequency distribution shifted dramatically to maximize revenue at the new thresholds. Jacking up the number of visits just to get over those thresholds is fraud, because the only legal basis for Medicare reimbursement is medical necessity—not profit maximization.
Meanwhile, Mininno was using the employment database to find nurses who could confirm they’d been instructed to visit each patient once a week, regardless of whether the patient needed those visits (or required more frequent visits). Ultimately, Mininno worked with a law firm, which filed a false-claims lawsuit against the company in the spring of 2012. The Department of Justice reviews such cases and triages through them, looking for cases with merit. After two years of bureaucratic review, a Department of Justice task force pulled a warrant for a raid in 2014, and the case is now grinding through the settlement process. Since 2012, Mininno and the lawyers he works with have filed around 40 lawsuits, which means more raids, prosecutions, and settlements are likely in the coming months and years.
BACK AT HIS office in a rented Victorian in New Jersey, Mininno is talking about snow days. His practice is expanding (he’s currently searching for a data scientist with a public health background), and he’s looking into potential new cases. His staff also includes a part-time private investigator, and he has software developers and statisticians on contract. One of the latter, Brandon Cosley, has written a query for Medicare claims during weather emergencies.
On snow days, people usually reschedule nonemergency appointments. They stay in bed instead of driving to the doctor. Emergency rooms will see an uptick in visits because of car accidents and cardiac events triggered by snow shoveling, while regular doctors’ offices will see a drop. But providers filing for phantom services make the same number of claims in the middle of Snowpocalypse as they do the day before and the week after. They bill as if the day was totally normal, even if it was not a normal day at all. If there’s a hallmark of fraud, it’s a lack of variability—the missing randomness of people and their bodies and behaviors. Fraud is algorithmic and invariable because it’s optimizing revenue, not meeting human needs.
This is the kind of thinking—a sense for where billing patterns don’t match the practice of medicine—that can differentiate legitimate providers from billing mills that are ripping off Medicare and, by extension, taxpayers. It’s a marriage of convenience between the government and the bounty hunters, explains Patrick O’Connell, who headed up the Texas Medicaid fraud division from 1999 to 2007, before becoming a whistle-blower attorney. “The government has a tendency to not like whistle-blowers who are just in it for the money. They prefer someone pure,” he says. But in reality the government can’t afford pure. It doesn’t have enough lawyers to take on the teams of $1,000-an-hour attorneys that big health care operations tend to hire. These lawsuits, he says, are “the greatest outsourcing program in American history.”
A gigantic government operation is always going to be an appetizing target for skimmers, rule benders, and straight-up crooks. Data science is part of the answer. Lawyers are still necessary. But to extract the dirt from the data, you need to understand how human beings might be tempted to manipulate the truth—and where they fail to cover their tracks. There is no app for that.
5 RED FLAGS THAT SIGNAL FRAUD
Medical offices and health care companies may look normal in a database, but apply a sufficient dose of statistical analysis and the fraudulent operations reveal themselves. The algorithms look for certain signals.
1. Lack of randomness
When claims are filed with metronomic precision—if every patient gets billed for a follow-up procedure on the very day that procedure becomes billable, or if there’s no dip (or spike) in patient visits on snow days or holidays—that indicates a problem.
2. No patient ever gets better
When patients get released from the hospital, they might receive follow-up visits at home from nurses. Some patients should need fewer visits than others, of course, so if every case is dire and requires the maximum allowable visits, it’s worth looking into.
3. Bunchy billables
The number of procedures that a patient population really needs should have a bell curve distribution. But if an analysis of the billing shows a bunchy distribution - with leaps in frequency clustered around thresholds for more payment - that suggests treatments are being given to maximize revenue.
4. Running with a bad crowd
Practices aren’t necessarily guilty by association. But as in social networks, similar types tend to associate with one another. If a provider is enmeshed in business relationships with practices that have been investigated for fraud, it might not be squeaky-clean, either.
5. Self-interested referrals
Whether it’s a huge pharmaceutical company like Valeant (recently investigated for using a captive pharmacy to steer prescriptions) or a physician-owned radiology lab that gets most of its referrals from its owners, conflicts of interest in health care abound. Another, related dodge: physicians who refer patients to a practice where they don’t provide services but are paid as “medical directors.” That runs afoul of antikickback statutes.
Typosquatting Fraud
Customers of popular websites such as Netflix, Amazon, Facebook and Skype are being targeted by a surge in “typosquatting” fraud, as hackers look to exploit people who accidentally mis-spell web addresses.Internet users have been warned to type website names carefully following a spike in registrations of suspicious domain names in the Middle East.
Typo-squatters target major brands by registering domains very similar to the legitimate web address. Often they add extra characters, such as googgle.com, adjacent keys, such as googlw.com, or swap the position of letters, such as googel.com.
When people land on these fake websites they are usually served pop-up adverts or redirected to dubious websites but in some cases the fake website is designed to look like the real one and the user is tricked into sharing their details or downloading malware that can be used to commit fraud.
In the past month there has been a surge in registrations of suspicious web addresses of western brands in Oman, which end in “.om”, exploiting people who accidentally miss the letter “c” in a .com address. Research by Endgame.com, the US computer security company, has identified 319 suspicious websites that have been registered, including Netflix.om, amazon.om, amazonc.om and Bet365.om.
Most of the real companies have no website or operation in Oman and appear to have no idea their customers are being tricked.
Almost 300 of the Oman websites have been registered under the same four names and 65 of them were registered in February alone, suggesting there will be an increase in victims in the coming months.
Endgame estimates that thousands of people from around the world are accidentally clicking on these websites every day.
Tony Neate, chief executive of Get Safe Online, the government-backed campaign, said: “As a consumer, the similar address and often professionallooking site means it can be difficult to recognise the dangers before it’s too late. However, there are warning signs — things like if there is a pop-up immediately as you enter the site, asking you to enter details or download something. “As best practice, it’s always worth double checking the website name to see if everything is spelt correctly. If there are errors, then leave the site as promptly as you can.”
House Buying Scams
Unsuspecting househunters are being tricked into paying huge sums to conmen posing as the owners of luxury properties, police have warned.
The scale of property fraud has hit £100 million in just six months as criminals deploy a range of scams to steal money flooding into the market.
Police and conveyancing solicitors warned that vendors and buyers are increasingly prone to fraud from criminals who use hacking skills to intercept emails and fool them into transferring large sums of money into fake accounts.
Reports of so-called “property hijacking”, where fraudsters pose as legitimate owners of property and fraudulently sell it on, have also increased.
In the past six months alone in England and Wales, indemnity insurers have paid out £100 million in total for the two types of fraud.
Police have warned owners of expensive homes, particularly in London, to beware of a scam in which fraudsters have posed as tenants to gain access to property. In some cases they have used private correspondence sent to the address to take on the owner’s identity before carrying out a sale with an unsuspecting buyer and making off with the proceeds.
In one case, Hurry Purrunsing transferred the purchase price of £470,000 for a property in Wimbledon, southwest London, unaware that the purported seller was a fraudster who had posed as the real owner using a fake passport. By the time the Land Registry wrote to the real owner’s second address, informing him it had an application to register a new owner, the money was gone. Mr Purrunsing successfully sued both his own solicitor and the seller’s solicitor for failing to carry out money-laundering inquiries and doing proper checks.
His new lawyer, Beth Holden, said that the vendor’s solicitors did not obtain a single document, such as a utility bill or a council tax bill, which linked their client to the property. She warned that increasingly fraudsters were changing their name via deed poll and applying for a genuine passport in that name to perpetrate such fraud.
Another prominent case involved the journalist and historian Sir Max Hastings, whose wife’s home in Fulham, west London, was targeted. A fraudster purported to be the real owner and duped a young female buyer into handing over £1.3 million. Although the fraudster changed her name by deed poll and got a passport in Lady Hastings’s name, the Land Registry thought the deal was suspicious and declined to register the sale.
The Land Registry said that since September 2009 it had prevented more than £80 million of property fraud.
The Metropolitan police confirmed that it had seen cases where “fraudsters are changing their name by deed poll to reflect that of a proprietor”. It urged home owners to update their contact address with the Land Registry, which could tell them if it noticed suspicious activity. The Land Registry also has a “property alert” system that will alert interested parties every time a check is done on that property.
City of London police said that cases in which criminals passed off properties as their own to unsuspecting buyers had nearly doubled since 2013. There are still a relatively small number of cases — 20 last year — but property experts said that they cost millions of pounds as properties at the high end of the market were being targeted.
Mark Unsworth, of Unsworth Rose solicitors, warned that fraudsters were scouring property websites to find homes under offer before hacking into the emails of the vendor, buyer or even solicitor to attempt to divert transfers of large sums into scam accounts.
A common trick was to pose as solicitors, inform buyers that the client account details had changed and have them transfer their deposit amounts elsewhere.
Bogus law firms
Bogus law firms set up by fraudsters who clone a genuine one to harvest money have doubled in number to more than 700, the solicitors’ watchdog said yesterday.
Almost half of all reports of fake law firms involved the identity theft of a firm or solicitor, often involving the cloning of a genuine firm’s website with a view to persuading members of the public to send money or information.
The Solicitors Regulation Authority (SRA) said there had been a doubling of bogus law firms since 2012. It said that genuine law firms were being targeted by cybercriminals, and in one in ten cases money had been stolen.
One of the newest tricks is “CEO fraud”, where senior figures in law firms are impersonated and the accounts team is ordered by email to transfer money to pay an invoice. This is often done on a Friday to give the criminals more time to avoid detection.
The SRA’s Risk Outlook report urges the public and law firms alike to be vigilant. The regulator also noted an increase in fraudsters sending bulk emails asking for money and confidential information. This is of particular concern, it says, because victims of bogus activity are not covered by the regulatory protections that apply when dealing with a regulated firm, such as access to the solicitors’ compensation fund.
As for law firms, the key risk is reputational damage from being cloned by a bogus firm, the report adds. “This may lead to the loss of future clients and income. There is also the possibility that firms may be held liable for losses attributed to having dealt with a bogus firm.” The SRA warns law firms and consumers to watch out for the potential signs of bogus firms. These may include the firm, branch office or individual not being recorded on the Law Society’s “find a solicitor” web page; unsolicited correspondence or correspondence containing errors of spelling, grammar or terminology; inconsistencies in the spelling of the name of the firm and a firm using only telephone numbers or email addresses.
Paul Philip, SRA chief executive, said: “We want to see firms proactively making sure their clients are also aware of the risks in this area. For instance, we would recommend that people avoid sharing bank details over email or transferring money before confirming the source of any request.”
The report suggests that firms make regular internet searches to check if anyone is using their name or those of their partners and staff without authorisation. It adds: “The increasing presence of bogus firms in the legal services market may be due to ineffective systems and controls in genuine firms and the general rise in cybercrime across the UK.”
Hard Work Cheating
A Cologne drinks vendor modified a bottle-recycling machine to swindle tens of thousands of euros from the German recycling system, a court learned on Tuesday. The man was then sentenced by a Cologne court on Wednesday to ten months in prison after he was convicted of professional deception.
The German bottle recycling system is simple enough. Place the bottle in the machine, press the button, take your receipt, and get a few cents back. But the 37-year-old drinks salesman manipulated a bottle-recycling machine in the cellar of his drinks shop to earn a lot more than a bit of spare change, according to the Kölner Stadt Anzeiger.
Having installed a magnet sensor and a kind of wooden tunnel into the machine, the man was able to feed the bottle into the mechanism, receive the compensation, and retrieve the bottle without it being shredded. The drinks vendor was therefore able to extract €44,362.75 from the machine by inserting the same bottle into the machine 177,451 times.
The defendant invested around €5,000 into his criminal machine. His lawyer stated that “it was a method by which one could earn good money with relatively little investment.”
The judge described the feat as a “logistical master stroke”, concluding that he must have “done nothing else every day other than attend to the machine.”
It is not known how long it took the man to earn the final sum, but the process was evidently extremely time-consuming. “I had a radio next to it because otherwise it was really boring,” the defendant replied.
The scam is unlikely to be a one-off. The Deutsche Pfandsystem Gesellschaft, which is responsible for the machine distribution and payments across Germany, did not notice the scam until an undercover detective was given an anonymous tip-off.